krb5 commit [krb5-1.13]: Fix leak in gss_acquire_cred_with_password
Tom Yu
tlyu at mit.edu
Tue Aug 18 17:15:07 EDT 2015
https://github.com/krb5/krb5/commit/8af61fbe4c66d6cffa392519ab2c78a18e4d7299
commit 8af61fbe4c66d6cffa392519ab2c78a18e4d7299
Author: Greg Hudson <ghudson at mit.edu>
Date: Fri Jun 19 17:16:52 2015 -0400
Fix leak in gss_acquire_cred_with_password
The target_mechs array needs to be freed on successful return.
(cherry picked from commit 02a85d73c4548d27dcbc1c1681b4bf1370b03632)
ticket: 8204
version_fixed: 1.13.3
status: resolved
src/lib/gssapi/mechglue/g_acquire_cred_with_pw.c | 3 +++
1 files changed, 3 insertions(+), 0 deletions(-)
diff --git a/src/lib/gssapi/mechglue/g_acquire_cred_with_pw.c b/src/lib/gssapi/mechglue/g_acquire_cred_with_pw.c
index f290f8a..7835d59 100644
--- a/src/lib/gssapi/mechglue/g_acquire_cred_with_pw.c
+++ b/src/lib/gssapi/mechglue/g_acquire_cred_with_pw.c
@@ -496,6 +496,9 @@ gss_add_cred_with_password(minor_status, input_cred_handle,
selected_mech,
&allocated_name);
+ if (target_mechs)
+ (void)gss_release_oid_set(&temp_minor_status, &target_mechs);
+
return (GSS_S_COMPLETE);
errout:
More information about the cvs-krb5
mailing list