From ab7c12e1634e5c8a1f9ccae0d53aef894e21ca41 Mon Sep 17 00:00:00 2001
From: Benjamin Dauvergne <bdauvergne@entrouvert.com>
Date: Tue, 24 Nov 2015 19:22:18 +0100
Subject: [PATCH] saml-2.0: fix leak of message_id in
 lasso_profile_saml20_build_paos_request_msg

---
 lasso/saml-2.0/profile.c | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/lasso/saml-2.0/profile.c b/lasso/saml-2.0/profile.c
index 1057e0df..2de4937f 100644
--- a/lasso/saml-2.0/profile.c
+++ b/lasso/saml-2.0/profile.c
@@ -914,6 +914,7 @@ lasso_profile_saml20_build_paos_request_msg(LassoProfile *profile, const char *u
 	int rc = 0;
     LassoSamlp2AuthnRequest *request;
 	LassoSamlp2IDPList *idp_list = NULL;
+	char *message_id = NULL;
 
 	lasso_extract_node_or_fail(request, profile->request, SAMLP2_AUTHN_REQUEST,
 							   LASSO_PROFILE_ERROR_MISSING_REQUEST);
@@ -925,10 +926,12 @@ lasso_profile_saml20_build_paos_request_msg(LassoProfile *profile, const char *u
 								   LASSO_PROFILE_ERROR_INVALID_IDP_LIST);
 	}
 
+	message_id = lasso_profile_get_message_id(profile);
+
 	lasso_assign_new_string(profile->msg_body,
 			lasso_node_export_to_paos_request_full(profile->request,
 												   profile->server->parent.ProviderID, url,
-												   lasso_profile_get_message_id(profile),
+												   message_id,
 												   profile->msg_relayState,
 												   request->IsPassive, request->ProviderName,
 												   idp_list));
@@ -936,6 +939,7 @@ lasso_profile_saml20_build_paos_request_msg(LassoProfile *profile, const char *u
 	check_msg_body;
 
 cleanup:
+	lasso_release_string(message_id);
 	return rc;
 }