krb5 commit: Don't leak the per-request preauth context
Greg Hudson
ghudson at MIT.EDU
Thu Mar 13 15:47:36 EDT 2014
https://github.com/krb5/krb5/commit/a47c4e68308331a630480cb62c2b7711432e0123
commit a47c4e68308331a630480cb62c2b7711432e0123
Author: Nalin Dahyabhai <nalin at dahyabhai.net>
Date: Tue Mar 11 13:33:23 2014 -0400
Don't leak the per-request preauth context
Currently, per-request preauth module data is only cleared when we
successfully obtain initial credentials. Make sure to clear it at the
end of the operation even if we failed to get creds.
[ghudson at mit.edu: expanded commit message]
ticket: 7793
target_version: 1.12.2
tags: pullup
src/lib/krb5/krb/get_in_tkt.c | 1 +
1 files changed, 1 insertions(+), 0 deletions(-)
diff --git a/src/lib/krb5/krb/get_in_tkt.c b/src/lib/krb5/krb/get_in_tkt.c
index ebd2844..ebcb362 100644
--- a/src/lib/krb5/krb/get_in_tkt.c
+++ b/src/lib/krb5/krb/get_in_tkt.c
@@ -488,6 +488,7 @@ krb5_init_creds_free(krb5_context context,
k5_response_items_free(ctx->rctx.items);
free(ctx->in_tkt_service);
zapfree(ctx->gakpw.storage.data, ctx->gakpw.storage.length);
+ k5_preauth_request_context_fini(context);
krb5_free_error(context, ctx->err_reply);
krb5_free_pa_data(context, ctx->err_padata);
krb5_free_cred_contents(context, &ctx->cred);
More information about the cvs-krb5
mailing list