[krbdev.mit.edu #9016] git commit
Greg Hudson via RT
rt at krbdev.mit.edu
Wed Jul 21 12:05:07 EDT 2021
<URL: https://krbdev.mit.edu/rt/Ticket/Display.html?id=9016 >
Fix defcred leak in krb5 gss_inquire_cred()
Commit 1cd2821c19b2b95e39d5fc2f451a035585a40fa5 altered the memory
management of krb5_gss_inquire_cred(), introducing defcred to act as
an owner pointer when the function must acquire a default credential.
The commit neglected to update the code to release the default cred
along the successful path. The old code does not trigger because
cred_handle is now reassigned, so the default credential is leaked.
Unify the success and failure cleanup for this function so that
defcred is properly released on success.
Reported by Pavel Březina.
https://github.com/krb5/krb5/commit/593e16448e1af23eef74689afe06a7bcc86e79c7
Author: Greg Hudson <ghudson at mit.edu>
Commit: 593e16448e1af23eef74689afe06a7bcc86e79c7
Branch: master
src/lib/gssapi/krb5/inq_cred.c | 16 ++++++----------
1 files changed, 6 insertions(+), 10 deletions(-)
More information about the krb5-bugs
mailing list