[krbdev.mit.edu #8704] Resource leak in read_secret_file()

Bean Zhang via RT rt-comment at KRBDEV-PROD-APP-1.mit.edu
Wed Jun 20 10:54:47 EDT 2018


Hi Team,

In read_secret_file() in krb5-1.16.1/src/plugins/preauth/otp/otp_state.c,
the call to k5_path_join() stores the allocated memory in filename;
later, if this function returns, it does not free the memory filename points to.

The fix is to call "free(filename)" before the function returns.

Could someone help to take a look?

Thanks,
Bean
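
The leak shape described in the report next to a version that frees filename on every exit, as an added example that is not krb5 source code. join_demo() is a hypothetical stand-in for k5_path_join(), and the function bodies, live_allocs and last_alloc are constructed for illustration.

```c
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

static int live_allocs;   /* constructed counter: joined paths not yet freed */
static char *last_alloc;  /* constructed: lets a caller reclaim a leaked path */

/* Hypothetical stand-in for k5_path_join(): allocates "dir/name" into *out. */
static int join_demo(const char *dir, const char *name, char **out)
{
    size_t n = strlen(dir) + strlen(name) + 2;
    if ((*out = malloc(n)) == NULL)
        return ENOMEM;
    snprintf(*out, n, "%s/%s", dir, name);
    last_alloc = *out;
    live_allocs++;
    return 0;
}

static void free_demo(char *p) { if (p) { free(p); live_allocs--; } }

/* Leak shape from the report: returns while filename is still allocated. */
static int read_secret_leaky(const char *dir, const char *name)
{
    char *filename = NULL;
    FILE *fp;
    int ret = join_demo(dir, name, &filename);
    if (ret != 0)
        return ret;
    if ((fp = fopen(filename, "r")) == NULL)
        return errno;            /* filename leaked on the error path */
    fclose(fp);
    return 0;                    /* and on the success path */
}

/* Fixed shape: every exit falls through one tail that releases filename. */
static int read_secret_fixed(const char *dir, const char *name)
{
    char *filename = NULL;
    FILE *fp = NULL;
    int ret = join_demo(dir, name, &filename);
    if (ret == 0 && (fp = fopen(filename, "r")) == NULL)
        ret = errno;
    if (fp != NULL)
        fclose(fp);
    free_demo(filename);         /* safe when filename is NULL */
    return ret;
}
```

Calling either function with a directory that does not exist exercises the error path: the leaky version leaves live_allocs at 1, the fixed version returns it to 0.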


