krb5 commit [krb5-1.12]: Fix leak in gss_acquire_cred_with_password
Tom Yu
tlyu at mit.edu
Wed Dec 9 15:26:47 EST 2015
https://github.com/krb5/krb5/commit/30e9f9c3820a3d368fbe45c93abfc1cef7d60f4d
commit 30e9f9c3820a3d368fbe45c93abfc1cef7d60f4d
Author: Greg Hudson <ghudson at mit.edu>
Date: Fri Jun 19 17:16:52 2015 -0400
Fix leak in gss_acquire_cred_with_password
The target_mechs array needs to be freed on successful return.
(cherry picked from commit 02a85d73c4548d27dcbc1c1681b4bf1370b03632)
ticket: 8304 (new)
version_fixed: 1.12.5
status: resolved
src/lib/gssapi/mechglue/g_acquire_cred_with_pw.c | 3 +++
1 files changed, 3 insertions(+), 0 deletions(-)
diff --git a/src/lib/gssapi/mechglue/g_acquire_cred_with_pw.c b/src/lib/gssapi/mechglue/g_acquire_cred_with_pw.c
index f290f8a..7835d59 100644
--- a/src/lib/gssapi/mechglue/g_acquire_cred_with_pw.c
+++ b/src/lib/gssapi/mechglue/g_acquire_cred_with_pw.c
@@ -496,6 +496,9 @@ gss_add_cred_with_password(minor_status, input_cred_handle,
selected_mech,
&allocated_name);
+ if (target_mechs)
+ (void)gss_release_oid_set(&temp_minor_status, &target_mechs);
+
return (GSS_S_COMPLETE);
errout:
More information about the cvs-krb5
mailing list