krb5 commit [krb5-1.12]: Don't leak the per-request preauth context
Tom Yu
tlyu at MIT.EDU
Thu Jun 26 16:53:42 EDT 2014
https://github.com/krb5/krb5/commit/4308567b47ac6b29b56ae0ad716b632c1dbe1993
commit 4308567b47ac6b29b56ae0ad716b632c1dbe1993
Author: Nalin Dahyabhai <nalin at dahyabhai.net>
Date: Tue Mar 11 13:33:23 2014 -0400
Don't leak the per-request preauth context
Currently, per-request preauth module data is only cleared when we
successfully obtain initial credentials. Make sure to clear it at the
end of the operation even if we failed to get creds.
[ghudson at mit.edu: expanded commit message]
(cherry picked from commit a47c4e68308331a630480cb62c2b7711432e0123)
ticket: 7793
version_fixed: 1.12.2
status: resolved
src/lib/krb5/krb/get_in_tkt.c | 1 +
1 files changed, 1 insertions(+), 0 deletions(-)
diff --git a/src/lib/krb5/krb/get_in_tkt.c b/src/lib/krb5/krb/get_in_tkt.c
index d7b2bd9..72c025d 100644
--- a/src/lib/krb5/krb/get_in_tkt.c
+++ b/src/lib/krb5/krb/get_in_tkt.c
@@ -492,6 +492,7 @@ krb5_init_creds_free(krb5_context context,
k5_response_items_free(ctx->rctx.items);
free(ctx->in_tkt_service);
zapfree(ctx->gakpw.storage.data, ctx->gakpw.storage.length);
+ k5_preauth_request_context_fini(context);
krb5_free_error(context, ctx->err_reply);
krb5_free_pa_data(context, ctx->err_padata);
krb5_free_cred_contents(context, &ctx->cred);
More information about the cvs-krb5
mailing list