svn rev #23572: trunk/src/lib/gssapi/krb5/
epeisach@MIT.EDU
epeisach at MIT.EDU
Sun Jan 3 10:14:51 EST 2010
http://src.mit.edu/fisheye/changelog/krb5/?cs=23572
Commit By: epeisach
Log Message:
krb5_gss_acquire_cred will deref garbage pointer if actual_mechs is NULL.
Changed Files:
U trunk/src/lib/gssapi/krb5/acquire_cred.c
Modified: trunk/src/lib/gssapi/krb5/acquire_cred.c
===================================================================
--- trunk/src/lib/gssapi/krb5/acquire_cred.c 2010-01-03 14:27:02 UTC (rev 23571)
+++ trunk/src/lib/gssapi/krb5/acquire_cred.c 2010-01-03 15:14:51 UTC (rev 23572)
@@ -465,7 +465,7 @@
krb5_context context;
size_t i;
krb5_gss_cred_id_t cred;
- gss_OID_set ret_mechs;
+ gss_OID_set ret_mechs = NULL;
int req_old, req_new;
OM_uint32 ret;
krb5_error_code code;
@@ -693,8 +693,10 @@
/* intern the credential handle */
if (! kg_save_cred_id((gss_cred_id_t) cred)) {
- free(ret_mechs->elements);
- free(ret_mechs);
+ if (ret_mechs) {
+ free(ret_mechs->elements);
+ free(ret_mechs);
+ }
if (cred->ccache)
(void)krb5_cc_close(context, cred->ccache);
#ifndef LEAN_CLIENT
More information about the cvs-krb5
mailing list