krb5 commit: Fix minor KDC memory leaks

Tue Mar 26 13:29:37 EDT 2013

https://github.com/krb5/krb5/commit/58871c23ee9b5a9201f479127fda65e7fcf06310
commit 58871c23ee9b5a9201f479127fda65e7fcf06310
Author: Greg Hudson <ghudson at mit.edu>
Date:   Mon Mar 25 19:17:34 2013 -0400

    Fix minor KDC memory leaks
    
    Fix some small memory leaks which happen only in rare failure
    conditions.  Reported by Will Fiveash <will.fiveash at oracle.com>.

 src/kdc/kdc_authdata.c |   24 +++++++++---------------
 src/kdc/kdc_util.c     |    4 +++-
 src/kdc/main.c         |    2 +-
 3 files changed, 13 insertions(+), 17 deletions(-)

diff --git a/src/kdc/kdc_authdata.c b/src/kdc/kdc_authdata.c
index ed0b281..5a50a47 100644
--- a/src/kdc/kdc_authdata.c
+++ b/src/kdc/kdc_authdata.c
@@ -489,7 +489,8 @@ merge_authdata (krb5_context context,
                 krb5_boolean ignore_kdc_issued)
 {
     size_t i, j, nadata = 0;
-    krb5_authdata **authdata = *out_authdata;
+    krb5_authdata **in_copy = NULL, **authdata = *out_authdata;
+    krb5_error_code code;
 
     if (in_authdata == NULL || in_authdata[0] == NULL)
         return 0;
@@ -502,24 +503,17 @@ merge_authdata (krb5_context context,
     for (i = 0; in_authdata[i] != NULL; i++)
         ;
 
-    if (authdata == NULL) {
-        authdata = (krb5_authdata **)calloc(i + 1, sizeof(krb5_authdata *));
-    } else {
-        authdata = (krb5_authdata **)realloc(authdata,
-                                             ((nadata + i + 1) * sizeof(krb5_authdata *)));
-    }
-    if (authdata == NULL)
-        return ENOMEM;
-
     if (copy) {
-        krb5_error_code code;
-        krb5_authdata **tmp;
-
-        code = krb5_copy_authdata(context, in_authdata, &tmp);
+        code = krb5_copy_authdata(context, in_authdata, &in_copy);
         if (code != 0)
             return code;
+        in_authdata = in_copy;
+    }
 
-        in_authdata = tmp;
+    authdata = realloc(authdata, (nadata + i + 1) * sizeof(krb5_authdata *));
+    if (authdata == NULL) {
+        krb5_free_authdata(context, in_copy);
+        return ENOMEM;
     }
 
     for (i = 0, j = 0; in_authdata[i] != NULL; i++) {
diff --git a/src/kdc/kdc_util.c b/src/kdc/kdc_util.c
index 930aa7a..4e85f68 100644
--- a/src/kdc/kdc_util.c
+++ b/src/kdc/kdc_util.c
@@ -1349,8 +1349,10 @@ kdc_make_s4u2self_rep(krb5_context context,
 
         code = add_pa_data_element(context,&padata,
                                    &reply_encpart->enc_padata, FALSE);
-        if (code != 0)
+        if (code != 0) {
+            free(padata.contents);
             goto cleanup;
+        }
     }
 
 cleanup:
diff --git a/src/kdc/main.c b/src/kdc/main.c
index 2f08df6..6c115a9 100644
--- a/src/kdc/main.c
+++ b/src/kdc/main.c
@@ -507,6 +507,7 @@ create_workers(verto_ctx *ctx, int num)
     for (i = 0; i < num; i++) {
         pid = fork();
         if (pid == 0) {
+            free(pids);
             if (!verto_reinitialize(ctx)) {
                 krb5_klog_syslog(LOG_ERR,
                                  _("Unable to reinitialize main loop"));
@@ -524,7 +525,6 @@ create_workers(verto_ctx *ctx, int num)
                 exit(0);
 
             /* Return control to main() in the new worker process. */
-            free(pids);
             return 0;
         }
         if (pid == -1) {
