krb5 commit [krb5-1.10]: Fix oid set construction in gss_inquire_cred()
Tom Yu
tlyu at MIT.EDU
Fri Aug 3 18:30:39 EDT 2012
https://github.com/krb5/krb5/commit/bd8f713b254daa4f24f6fb9b8ea15f1eaff3f17d
commit bd8f713b254daa4f24f6fb9b8ea15f1eaff3f17d
Author: Kevin Wasserman <kevin.wasserman at painless-security.com>
Date: Wed Aug 1 18:30:02 2012 -0400
Fix oid set construction in gss_inquire_cred()
Use gssapi calls to construct the oid sets. It is not safe on Windows
to use malloc to hand-construct the set and then call gss_release_oid_set()
to clean it up.
Signed-off-by: Kevin Wasserman <kevin.wasserman at painless-security.com>
(cherry picked from commit 4cfdf8da69f52c778af4faaea663981a67634bb6)
ticket: 7227
version_fixed: 1.10.3
status: resolved
src/lib/gssapi/mechglue/g_inq_cred.c | 32 ++++++++++----------------------
1 files changed, 10 insertions(+), 22 deletions(-)
diff --git a/src/lib/gssapi/mechglue/g_inq_cred.c b/src/lib/gssapi/mechglue/g_inq_cred.c
index 3c09d61..7dab781 100644
--- a/src/lib/gssapi/mechglue/g_inq_cred.c
+++ b/src/lib/gssapi/mechglue/g_inq_cred.c
@@ -123,29 +123,23 @@ gss_OID_set * mechanisms;
*/
if(mechanisms != NULL) {
- status = GSS_S_FAILURE;
- mechs = (gss_OID_set) malloc(sizeof(gss_OID_set_desc));
- if (mechs == NULL)
- goto error;
- mechs->count = 0;
- mechs->elements = malloc(sizeof(gss_OID_desc) *
- (union_cred ? union_cred->count : 1));
- if (mechs->elements == NULL)
+ status = gss_create_empty_oid_set(minor_status, &mechs);
+ if (GSS_ERROR(status))
goto error;
if (union_cred) {
for (i = 0; i < union_cred->count; i++) {
- mechs->elements[i].elements =
- malloc(union_cred->mechs_array[i].length);
- if (mechs->elements[i].elements == NULL)
+ status = gss_add_oid_set_member(minor_status,
+ &union_cred->mechs_array[i],
+ &mechs);
+ if (GSS_ERROR(status))
goto error;
- g_OID_copy(&mechs->elements[i], &union_cred->mechs_array[i]);
- mechs->count++;
}
} else {
- mechs->elements[0].elements = malloc(mech->mech_type.length);
- g_OID_copy(&mechs->elements[0], &mech->mech_type);
- mechs->count++;
+ status = gss_add_oid_set_member(minor_status,
+ &mech->mech_type, &mechs);
+ if (GSS_ERROR(status))
+ goto error;
}
*mechanisms = mechs;
}
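Review bot: The reason `mechs` must be built with `gss_create_empty_oid_set()` and `gss_add_oid_set_member()` is recorded only in the commit message, and the second hunk removes the one comment at `error:` that described the cleanup contract, so nothing in the file warns a later editor against returning to a hand-built set. A short comment above the `gss_create_empty_oid_set()` call would keep the invariant visible, for example `/* mechs is freed by gss_release_oid_set(), so build it only with the gss_*_oid_set calls; a directly malloc'd set is not safe to release that way on Windows. */`. The `error:` path also relies on `mechs` being NULL when the create call fails or when an earlier `goto error` is taken; its declaration and initialisation lie outside the hunk, so that is worth confirming. The function body starts before and continues after these hunks.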
@@ -153,12 +147,6 @@ gss_OID_set * mechanisms;
return(GSS_S_COMPLETE);
error:
- /*
- * cleanup any allocated memory - we can just call
- * gss_release_oid_set, because the set is constructed so that
- * count always references the currently copied number of
- * elements.
- */
if (mechs != NULL)
(void) gss_release_oid_set(&temp_minor_status, &mechs);