svn rev #22426: branches/krb5-1-6/src/ kdc/ lib/gssapi/krb5/ lib/krb5/krb/ lib/krb5/os/ ...

tlyu@MIT.EDU tlyu at MIT.EDU
Wed Jul 8 21:54:51 EDT 2009


http://src.mit.edu/fisheye/changelog/krb5/?cs=22426
Commit By: tlyu
Log Message:
ticket: 5997
status: resolved
version_fixed: 1.6.4

pull up r20482, r20481 from trunk

 ------------------------------------------------------------------------
 r20482 | raeburn | 2008-06-26 22:51:09 -0400 (Thu, 26 Jun 2008) | 5 lines

 ticket: 5997

 Memory leak, and possible freed-memory dereference, in an error (small
 allocation failure) path.
 ------------------------------------------------------------------------
 r20481 | raeburn | 2008-06-26 22:47:06 -0400 (Thu, 26 Jun 2008) | 9 lines

 ticket: new
 target_version: 1.6.4
 subject: misc memory leaks
 tags: pullup

 Fix various memory leaks that show up mostly in error cases (e.g.,
 failure to allocate one small object, and then we forget to free
 another one).


Changed Files:
U   branches/krb5-1-6/src/kdc/do_tgs_req.c
U   branches/krb5-1-6/src/kdc/kdc_util.c
U   branches/krb5-1-6/src/lib/gssapi/krb5/k5seal.c
U   branches/krb5-1-6/src/lib/krb5/krb/bld_pr_ext.c
U   branches/krb5-1-6/src/lib/krb5/krb/get_creds.c
U   branches/krb5-1-6/src/lib/krb5/krb/get_in_tkt.c
U   branches/krb5-1-6/src/lib/krb5/krb/gic_opt.c
U   branches/krb5-1-6/src/lib/krb5/krb/init_ctx.c
U   branches/krb5-1-6/src/lib/krb5/os/an_to_ln.c
U   branches/krb5-1-6/src/lib/rpc/auth_gss.c
U   branches/krb5-1-6/src/plugins/kdb/db2/adb_policy.c
Modified: branches/krb5-1-6/src/kdc/do_tgs_req.c
===================================================================
--- branches/krb5-1-6/src/kdc/do_tgs_req.c	2009-07-01 16:23:25 UTC (rev 22425)
+++ branches/krb5-1-6/src/kdc/do_tgs_req.c	2009-07-09 01:54:50 UTC (rev 22426)
@@ -57,7 +57,7 @@
 process_tgs_req(krb5_data *pkt, const krb5_fulladdr *from,
 		krb5_data **response)
 {
-    krb5_keyblock * subkey;
+    krb5_keyblock * subkey = 0;
     krb5_kdc_req *request = 0;
     krb5_db_entry server;
     krb5_kdc_rep reply;
@@ -99,8 +99,10 @@
     /*
      * setup_server_realm() sets up the global realm-specific data pointer.
      */
-    if ((retval = setup_server_realm(request->server)))
+    if ((retval = setup_server_realm(request->server))) {
+	krb5_free_kdc_req(kdc_context, request);
 	return retval;
+    }
 
     fromstring = inet_ntop(ADDRTYPE2FAMILY(from->address->addrtype),
 			   from->address->contents,
@@ -712,7 +714,9 @@
     if (session_key.contents)
 	krb5_free_keyblock_contents(kdc_context, &session_key);
     if (newtransited)
-	free(enc_tkt_reply.transited.tr_contents.data); 
+	free(enc_tkt_reply.transited.tr_contents.data);
+    if (subkey)
+	krb5_free_keyblock(kdc_context, subkey);
 
     return retval;
 }
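Review bot: The new `krb5_free_keyblock(kdc_context, subkey)` at the end of process_tgs_req is only safe if this function owns subkey on every path that reaches the cleanup code, and the hunks do not show where subkey is assigned. If it is a private copy, this is the right fix. If any path stores a pointer that the auth context or the authenticator still owns, the change turns a leak into a double free inside the KDC. Once confirmed, I would record the contract at the declaration, e.g. `krb5_keyblock * subkey = 0; /* owned here; freed at cleanup */`.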
@@ -834,6 +838,7 @@
 		       "TGS_REQ: issuing TGT %s", sname);
 		free(sname);
 	    }
+	    krb5_free_realm_tree(kdc_context, plist);
 	    return;
 	}
 	krb5_db_free_principal(kdc_context, server, *nprincs);

Modified: branches/krb5-1-6/src/kdc/kdc_util.c
===================================================================
--- branches/krb5-1-6/src/kdc/kdc_util.c	2009-07-01 16:23:25 UTC (rev 22425)
+++ branches/krb5-1-6/src/kdc/kdc_util.c	2009-07-09 01:54:50 UTC (rev 22426)
@@ -1,7 +1,7 @@
 /*
  * kdc/kdc_util.c
  *
- * Copyright 1990,1991 by the Massachusetts Institute of Technology.
+ * Copyright 1990,1991,2007,2008 by the Massachusetts Institute of Technology.
  * All Rights Reserved.
  *
  * Export of this software from the United States of America may
@@ -425,6 +425,10 @@
 	retval = krb5_dbekd_decrypt_key_data(kdc_context, &master_keyblock,
 					     server_key,
 					     *key, NULL);
+	if (retval) {
+	    free(*key);
+	    *key = NULL;
+	}
     } else
 	retval = ENOMEM;
 errout:
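Review bot: `free(*key)` on the decrypt-failure path releases only the krb5_keyblock structure, not anything it points to. Whether that is enough depends on krb5_dbekd_decrypt_key_data leaving no allocated `contents` behind when it fails, which is not visible in this hunk. If it can fail after filling in the key, the decrypted key bytes would be leaked rather than cleared. Worth confirming and stating in a comment above the free, e.g. `/* on failure the callee leaves nothing allocated in *key */`. The enclosing function starts and ends outside the hunk.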

Modified: branches/krb5-1-6/src/lib/gssapi/krb5/k5seal.c
===================================================================
--- branches/krb5-1-6/src/lib/gssapi/krb5/k5seal.c	2009-07-01 16:23:25 UTC (rev 22425)
+++ branches/krb5-1-6/src/lib/gssapi/krb5/k5seal.c	2009-07-09 01:54:50 UTC (rev 22426)
@@ -159,8 +159,10 @@
     }
 
     code = krb5_c_checksum_length(context, md5cksum.checksum_type, &sumlen);
-    if (code)
+    if (code) {
+      xfree(t);
       return(code);
+    }
     md5cksum.length = sumlen;
 
 

Modified: branches/krb5-1-6/src/lib/krb5/krb/bld_pr_ext.c
===================================================================
--- branches/krb5-1-6/src/lib/krb5/krb/bld_pr_ext.c	2009-07-01 16:23:25 UTC (rev 22425)
+++ branches/krb5-1-6/src/lib/krb5/krb/bld_pr_ext.c	2009-07-09 01:54:50 UTC (rev 22426)
@@ -1,7 +1,7 @@
 /*
  * lib/krb5/krb/bld_pr_ext.c
  *
- * Copyright 1991 by the Massachusetts Institute of Technology.
+ * Copyright 1991, 2008 by the Massachusetts Institute of Technology.
  * All Rights Reserved.
  *
  * Export of this software from the United States of America may
@@ -39,7 +39,7 @@
     register int i, count = 0;
     register unsigned int size;
     register char *next;
-    char *tmpdata;
+    char *tmpdata = 0;
     krb5_data *princ_data;
     krb5_principal princ_ret;
 
@@ -97,6 +97,7 @@
 	krb5_xfree(princ_data[i].data);
     krb5_xfree(princ_data);
     krb5_xfree(princ_ret);
+    krb5_xfree(tmpdata);
     va_end(ap);
     return ENOMEM;
 }

Modified: branches/krb5-1-6/src/lib/krb5/krb/get_creds.c
===================================================================
--- branches/krb5-1-6/src/lib/krb5/krb/get_creds.c	2009-07-01 16:23:25 UTC (rev 22425)
+++ branches/krb5-1-6/src/lib/krb5/krb/get_creds.c	2009-07-09 01:54:50 UTC (rev 22426)
@@ -1,7 +1,7 @@
 /*
  * lib/krb5/krb/get_creds.c
  *
- * Copyright 1990 by the Massachusetts Institute of Technology.
+ * Copyright 1990, 2008 by the Massachusetts Institute of Technology.
  * All Rights Reserved.
  *
  * Export of this software from the United States of America may
@@ -207,8 +207,12 @@
 	    retval = 255;
 	    break;
     }
+    /*
+     * Callers to krb5_get_cred_blah... must free up tgts even in
+     * error cases.
+     */
+    if (tgts) krb5_free_tgt_creds(context, tgts);
     if (retval) return retval;
-    if (tgts) krb5_free_tgt_creds(context, tgts);
 
     retval = krb5_cc_get_principal(context, ccache, &tmp);
     if (retval) return retval;
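Review bot: The added comment names the callee as `krb5_get_cred_blah...`, which nobody can search for and which leaves the ownership rule vague. Presumably it means the krb5_get_cred_from_kdc family called in the switch that ends at the top of this hunk; that switch is not fully visible here. I would reword it to something like `/* The krb5_get_cred_from_kdc* calls may hand back TGTs in tgts even when they fail, so free them before testing retval. */`.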

Modified: branches/krb5-1-6/src/lib/krb5/krb/get_in_tkt.c
===================================================================
--- branches/krb5-1-6/src/lib/krb5/krb/get_in_tkt.c	2009-07-01 16:23:25 UTC (rev 22425)
+++ branches/krb5-1-6/src/lib/krb5/krb/get_in_tkt.c	2009-07-09 01:54:50 UTC (rev 22426)
@@ -997,13 +997,15 @@
 
 	/* stuff the client realm into the server principal.
 	   realloc if necessary */
-	if (request.server->realm.length < request.client->realm.length)
-	    if ((request.server->realm.data =
-		 (char *) realloc(request.server->realm.data,
-				  request.client->realm.length)) == NULL) {
+	if (request.server->realm.length < request.client->realm.length) {
+	    char *p = realloc(request.server->realm.data,
+			      request.client->realm.length);
+	    if (p == NULL) {
 		ret = ENOMEM;
 		goto cleanup;
 	    }
+	    request.server->realm.data = p;
+	}
 
 	request.server->realm.length = request.client->realm.length;
 	memcpy(request.server->realm.data, request.client->realm.data,

Modified: branches/krb5-1-6/src/lib/krb5/krb/gic_opt.c
===================================================================
--- branches/krb5-1-6/src/lib/krb5/krb/gic_opt.c	2009-07-01 16:23:25 UTC (rev 22425)
+++ branches/krb5-1-6/src/lib/krb5/krb/gic_opt.c	2009-07-09 01:54:50 UTC (rev 22426)
@@ -306,6 +306,7 @@
 	newpad = realloc(opte->opt_private->preauth_data, newsize);
     if (newpad == NULL)
 	return ENOMEM;
+    opte->opt_private->preauth_data = newpad;
 
     i = opte->opt_private->num_preauth_data;
     newpad[i].attr = strdup(attr);
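Review bot: The added `opte->opt_private->preauth_data = newpad;` carries the freed-memory fix from the log message, but nothing in the code says why its position matters. realloc may move the array, so with the old placement the `return ENOMEM` in the second hunk left preauth_data pointing at a block realloc had already released. I would put `/* realloc may have moved the array; store it before any early return */` above the assignment so a later cleanup does not move it back. The function starts before this hunk, so the computation of newsize was not reviewed.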
@@ -317,7 +318,6 @@
 	return ENOMEM;
     }
     opte->opt_private->num_preauth_data += 1;
-    opte->opt_private->preauth_data = newpad;
     return 0;
 }
 

Modified: branches/krb5-1-6/src/lib/krb5/krb/init_ctx.c
===================================================================
--- branches/krb5-1-6/src/lib/krb5/krb/init_ctx.c	2009-07-01 16:23:25 UTC (rev 22425)
+++ branches/krb5-1-6/src/lib/krb5/krb/init_ctx.c	2009-07-09 01:54:50 UTC (rev 22426)
@@ -360,8 +360,10 @@
 	
 	if ((old_ktypes =
 	     (krb5_enctype *)malloc(sizeof(krb5_enctype) * (count + 1))) ==
-	    (krb5_enctype *) NULL)
+	    (krb5_enctype *) NULL) {
+	    profile_release_string(retval);
 	    return ENOMEM;
+	}
 	
 	sp = retval;
 	j = 0;

Modified: branches/krb5-1-6/src/lib/krb5/os/an_to_ln.c
===================================================================
--- branches/krb5-1-6/src/lib/krb5/os/an_to_ln.c	2009-07-01 16:23:25 UTC (rev 22425)
+++ branches/krb5-1-6/src/lib/krb5/os/an_to_ln.c	2009-07-09 01:54:50 UTC (rev 22426)
@@ -1,7 +1,7 @@
 /*
  * lib/krb5/os/an_to_ln.c
  *
- * Copyright 1990,1991 by the Massachusetts Institute of Technology.
+ * Copyright 1990,1991,2007,2008 by the Massachusetts Institute of Technology.
  * All Rights Reserved.
  *
  * Export of this software from the United States of America may
@@ -438,7 +438,7 @@
 		    memset(out, '\0', MAX_FORMAT_BUFFER);
 		    if (!do_replacement(rule, repl, doglobal, in, out)) {
 			free(rule);
-		    free(repl);
+			free(repl);
 			kret = KRB5_LNAME_NOTRANS;
 			break;
 		    }
@@ -453,6 +453,7 @@
 		}
 		else {
 		    /* No memory for copies */
+		    free(rule);
 		    kret = ENOMEM;
 		    break;
 		}
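Review bot: The out-of-memory branch now frees `rule` but not `repl`. If this `else` is taken when either of the two copies failed to allocate, `repl` still leaks when only `rule` is NULL. The condition is above the hunk, so that is inferred from the `/* No memory for copies */` comment and from the earlier branch freeing both. Adding `free(repl);` next to `free(rule);` closes that case and is harmless when repl is NULL.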

Modified: branches/krb5-1-6/src/lib/rpc/auth_gss.c
===================================================================
--- branches/krb5-1-6/src/lib/rpc/auth_gss.c	2009-07-01 16:23:25 UTC (rev 22425)
+++ branches/krb5-1-6/src/lib/rpc/auth_gss.c	2009-07-09 01:54:50 UTC (rev 22426)
@@ -186,6 +186,7 @@
 			rpc_createerr.cf_stat = RPC_SYSTEMERROR;
 			rpc_createerr.cf_error.re_errno = ENOMEM;
 			free(auth);
+			free(gd);
 			return (NULL);
 		}
 	}

Modified: branches/krb5-1-6/src/plugins/kdb/db2/adb_policy.c
===================================================================
--- branches/krb5-1-6/src/plugins/kdb/db2/adb_policy.c	2009-07-01 16:23:25 UTC (rev 22425)
+++ branches/krb5-1-6/src/plugins/kdb/db2/adb_policy.c	2009-07-09 01:54:50 UTC (rev 22426)
@@ -358,6 +358,7 @@
 	if(!xdr_osa_policy_ent_rec(&xdrs, entry)) {
 	    xdr_destroy(&xdrs);
 	    free(aligned_data);
+	    osa_free_policy_ent(entry);
 	    ret = OSA_ADB_FAILURE;
 	    goto error;
 	}
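Review bot: `osa_free_policy_ent(entry)` is now called on a record whose XDR decode has just failed, so the record may be only partly filled in. That is safe only if entry was zeroed before xdr_osa_policy_ent_rec ran, so that pointers the decoder never reached are NULL rather than uninitialised. The allocation is above the hunk and not visible here. If entry is not zeroed, a truncated or corrupt policy record would make the free routine release garbage pointers. A comment such as `/* entry was zero-filled above, so a partial decode is safe to free */` would pin the assumption once it is confirmed.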



