svn rev #25225: trunk/src/lib/krb5/krb/
ghudson@MIT.EDU
ghudson at MIT.EDU
Thu Sep 22 12:20:13 EDT 2011
http://src.mit.edu/fisheye/changelog/krb5/?cs=25225
Commit By: ghudson
Log Message:
Improve mk_safe/mk_priv cleanup slightly.
In both functions, initialize outbuf on error, and avoid putting
pointers into it before we reach the successful return stage.
Changed Files:
U trunk/src/lib/krb5/krb/mk_priv.c
U trunk/src/lib/krb5/krb/mk_safe.c
Modified: trunk/src/lib/krb5/krb/mk_priv.c
===================================================================
--- trunk/src/lib/krb5/krb/mk_priv.c 2011-09-21 22:29:25 UTC (rev 25224)
+++ trunk/src/lib/krb5/krb/mk_priv.c 2011-09-22 16:20:13 UTC (rev 25225)
@@ -114,7 +114,10 @@
krb5_error_code retval;
krb5_key key;
krb5_replay_data replaydata;
+ krb5_data buf = empty_data();
+ *outbuf = empty_data();
+
/* Clear replaydata block */
memset(&replaydata, 0, sizeof(krb5_replay_data));
@@ -191,7 +194,7 @@
if ((retval = mk_priv_basic(context, userdata, key, &replaydata,
plocal_fulladdr, premote_fulladdr,
- auth_context->i_vector, outbuf))) {
+ auth_context->i_vector, &buf))) {
CLEANUP_DONE();
goto error;
}
@@ -203,10 +206,8 @@
krb5_donot_replay replay;
if ((retval = krb5_gen_replay_name(context, auth_context->local_addr,
- "_priv", &replay.client))) {
- free(outbuf);
+ "_priv", &replay.client)))
goto error;
- }
replay.server = ""; /* XXX */
replay.msghash = NULL;
@@ -220,9 +221,11 @@
free(replay.client);
}
+ *outbuf = buf;
return 0;
error:
+ krb5_free_data_contents(context, &buf);
if ((auth_context->auth_context_flags & KRB5_AUTH_CONTEXT_DO_SEQUENCE) ||
(auth_context->auth_context_flags & KRB5_AUTH_CONTEXT_RET_SEQUENCE))
auth_context->local_seq_number--;
Modified: trunk/src/lib/krb5/krb/mk_safe.c
===================================================================
--- trunk/src/lib/krb5/krb/mk_safe.c 2011-09-21 22:29:25 UTC (rev 25224)
+++ trunk/src/lib/krb5/krb/mk_safe.c 2011-09-22 16:20:13 UTC (rev 25225)
@@ -137,7 +137,10 @@
krb5_error_code retval;
krb5_key key;
krb5_replay_data replaydata;
+ krb5_data buf = empty_data();
+ *outbuf = empty_data();
+
/* Clear replaydata block */
memset(&replaydata, 0, sizeof(krb5_replay_data));
@@ -217,7 +220,7 @@
sumtype = safe_cksumtype(context, auth_context, key->keyblock.enctype);
if ((retval = krb5_mk_safe_basic(context, userdata, key, &replaydata,
plocal_fulladdr, premote_fulladdr,
- sumtype, outbuf))) {
+ sumtype, &buf))) {
CLEANUP_DONE();
goto error;
}
@@ -229,26 +232,24 @@
krb5_donot_replay replay;
if ((retval = krb5_gen_replay_name(context, auth_context->local_addr,
- "_safe", &replay.client))) {
- free(outbuf);
+ "_safe", &replay.client)))
goto error;
- }
replay.server = ""; /* XXX */
replay.msghash = NULL;
replay.cusec = replaydata.usec;
replay.ctime = replaydata.timestamp;
- if ((retval = krb5_rc_store(context, auth_context->rcache, &replay))) {
- /* should we really error out here? XXX */
- free(outbuf);
+ /* should we really error out here? XXX */
+ if ((retval = krb5_rc_store(context, auth_context->rcache, &replay)))
goto error;
- }
free(replay.client);
}
+ *outbuf = buf;
return 0;
error:
+ krb5_free_data_contents(context, &buf);
if ((auth_context->auth_context_flags & KRB5_AUTH_CONTEXT_DO_SEQUENCE) ||
(auth_context->auth_context_flags & KRB5_AUTH_CONTEXT_RET_SEQUENCE))
auth_context->local_seq_number--;
More information about the cvs-krb5
mailing list