krb5 commit [krb5-1.11]: Fix a memory leak in krb5_get_init_creds_keytab
Tom Yu
tlyu at MIT.EDU
Tue Mar 5 16:55:39 EST 2013
https://github.com/krb5/krb5/commit/d2a66c6d4c66151acc0a4975e272f0bdc5844ec7
commit d2a66c6d4c66151acc0a4975e272f0bdc5844ec7
Author: Greg Hudson <ghudson at mit.edu>
Date: Thu Feb 28 18:55:31 2013 -0500
Fix a memory leak in krb5_get_init_creds_keytab
lookup_etypes_for_keytab was not freeing the keytab entries it
iterated over. Reported by nalin at redhat.com.
(cherry picked from commit a39af2971e03d3dc6da2cfd8959feebd40a0ffc0)
ticket: 7586
version_fixed: 1.11.2
status: resolved
src/lib/krb5/krb/gic_keytab.c | 14 +++++++++++---
1 files changed, 11 insertions(+), 3 deletions(-)
diff --git a/src/lib/krb5/krb/gic_keytab.c b/src/lib/krb5/krb/gic_keytab.c
index 0fd1034..1dcf50d 100644
--- a/src/lib/krb5/krb/gic_keytab.c
+++ b/src/lib/krb5/krb/gic_keytab.c
@@ -109,22 +109,29 @@ lookup_etypes_for_keytab(krb5_context context, krb5_keytab keytab,
if (ret)
goto cleanup;
- if (!krb5_c_valid_enctype(entry.key.enctype))
+ if (!krb5_c_valid_enctype(entry.key.enctype)) {
+ krb5_free_keytab_entry_contents(context, &entry);
continue;
- if (!krb5_principal_compare(context, entry.principal, client))
+ }
+ if (!krb5_principal_compare(context, entry.principal, client)) {
+ krb5_free_keytab_entry_contents(context, &entry);
continue;
+ }
/* Make sure our list is for the highest kvno found for client. */
if (entry.vno > max_kvno) {
free(etypes);
etypes = NULL;
count = 0;
max_kvno = entry.vno;
- } else if (entry.vno != max_kvno)
+ } else if (entry.vno != max_kvno) {
+ krb5_free_keytab_entry_contents(context, &entry);
continue;
+ }
/* Leave room for the terminator and possibly a second entry. */
p = realloc(etypes, (count + 3) * sizeof(*etypes));
if (p == NULL) {
+ krb5_free_keytab_entry_contents(context, &entry);
ret = ENOMEM;
goto cleanup;
}
@@ -136,6 +143,7 @@ lookup_etypes_for_keytab(krb5_context context, krb5_keytab keytab,
entry.key.enctype == ENCTYPE_DES_CBC_MD4)
etypes[count++] = ENCTYPE_DES_CBC_CRC;
etypes[count] = 0;
+ krb5_free_keytab_entry_contents(context, &entry);
}
ret = 0;
More information about the cvs-krb5
mailing list