svn rev #22320: trunk/src/lib/krb5/krb/
ghudson@MIT.EDU
ghudson at MIT.EDU
Wed May 6 14:53:03 EDT 2009
http://src.mit.edu/fisheye/changelog/krb5/?cs=22320
Commit By: ghudson
Log Message:
Fix multiple memory leaks in obtain_sam_padata.
Changed Files:
U trunk/src/lib/krb5/krb/preauth.c
Modified: trunk/src/lib/krb5/krb/preauth.c
===================================================================
--- trunk/src/lib/krb5/krb/preauth.c 2009-05-06 18:52:44 UTC (rev 22319)
+++ trunk/src/lib/krb5/krb/preauth.c 2009-05-06 18:53:03 UTC (rev 22320)
@@ -463,8 +463,10 @@
/* these two get encrypted and stuffed in to sam_response */
krb5_enc_sam_response_enc enc_sam_response_enc;
krb5_keyblock * sam_use_key = 0;
- char * prompt;
+ char *prompt = 0, *passcode = 0;
+ sam_response.sam_enc_nonce_or_ts.ciphertext.data = 0;
+
tmpsam.length = in_padata->length;
tmpsam.data = (char *) in_padata->contents;
retval = decode_krb5_sam_challenge(&tmpsam, &sam_challenge);
@@ -472,7 +474,8 @@
return retval;
if (sam_challenge->sam_flags & KRB5_SAM_MUST_PK_ENCRYPT_SAD) {
- return KRB5_SAM_UNSUPPORTED;
+ retval = KRB5_SAM_UNSUPPORTED;
+ goto cleanup;
}
enc_sam_response_enc.sam_nonce = sam_challenge->sam_nonce;
@@ -480,44 +483,44 @@
retval = krb5_us_timeofday(context,
&enc_sam_response_enc.sam_timestamp,
&enc_sam_response_enc.sam_usec);
+ if (retval)
+ goto cleanup;
sam_response.sam_patimestamp = enc_sam_response_enc.sam_timestamp;
}
- if (retval)
- return retval;
if (sam_challenge->sam_flags & KRB5_SAM_SEND_ENCRYPTED_SAD) {
/* encrypt passcode in key by stuffing it here */
unsigned int pcsize = 256;
- char *passcode = malloc(pcsize+1);
- if (passcode == NULL)
- return ENOMEM;
+ passcode = malloc(pcsize + 1);
+ if (passcode == NULL) {
+ retval = ENOMEM;
+ goto cleanup;
+ }
prompt = handle_sam_labels(sam_challenge);
if (prompt == NULL) {
- free(passcode);
- return ENOMEM;
+ retval = ENOMEM;
+ goto cleanup;
}
retval = krb5_read_password(context, prompt, 0, passcode, &pcsize);
- free(prompt);
-
- if (retval) {
- free(passcode);
- return retval;
- }
+ if (retval)
+ goto cleanup;
enc_sam_response_enc.sam_sad.data = passcode;
enc_sam_response_enc.sam_sad.length = pcsize;
} else if (sam_challenge->sam_flags & KRB5_SAM_USE_SAD_AS_KEY) {
prompt = handle_sam_labels(sam_challenge);
- if (prompt == NULL)
- return ENOMEM;
+ if (prompt == NULL) {
+ retval = ENOMEM;
+ goto cleanup;
+ }
retval = sam_get_pass_from_user(context, etype_info, key_proc,
key_seed, request, &sam_use_key,
prompt);
- free(prompt);
if (retval)
- return retval;
+ goto cleanup;
enc_sam_response_enc.sam_sad.length = 0;
} else {
/* what *was* it? */
- return KRB5_SAM_UNSUPPORTED;
+ retval = KRB5_SAM_UNSUPPORTED;
+ goto cleanup;
}
/* so at this point, either sam_use_key is generated from the passcode
@@ -526,7 +529,7 @@
/* encode the encoded part of the response */
if ((retval = encode_krb5_enc_sam_response_enc(&enc_sam_response_enc,
&scratch)) != 0)
- return retval;
+ goto cleanup;
if ((retval = krb5_encrypt_data(context,
sam_use_key?sam_use_key:def_enc_key,
@@ -548,7 +551,7 @@
sam_response.magic = KV5M_SAM_RESPONSE;
if ((retval = encode_krb5_sam_response(&sam_response, &scratch)) != 0)
- return retval;
+ goto cleanup;
if ((pa = malloc(sizeof(krb5_pa_data))) == NULL) {
retval = ENOMEM;
@@ -567,6 +570,9 @@
cleanup:
krb5_free_data(context, scratch);
- free(sam_challenge);
+ krb5_free_sam_challenge(context, sam_challenge);
+ free(prompt);
+ free(passcode);
+ free(sam_response.sam_enc_nonce_or_ts.ciphertext.data);
return retval;
}
More information about the cvs-krb5
mailing list