krb5 commit [krb5-1.11]: Fix memory leak in krb5_verify_init_creds

Tom Yu tlyu at mit.edu
Fri Feb 6 17:26:52 EST 2015


https://github.com/krb5/krb5/commit/33df3ae20c79e2d87c57c47db5009fa3fa0284ef
commit 33df3ae20c79e2d87c57c47db5009fa3fa0284ef
Author: Nalin Dahyabhai <nalin at dahyabhai.net>
Date:   Mon Feb 17 17:14:20 2014 -0500

    Fix memory leak in krb5_verify_init_creds
    
    When copying most of the credentials from one cache to another in
    copy_creds_except (called from get_vfy_cred, from
    krb5_verify_init_creds), we need to free all of the credentials that
    we read, not just the ones we copied.
    
    [ghudson at mit.edu: edited commit message]
    
    (cherry picked from commit 27b136d2e3181e787b2d4a03ee712d5d5137f5cd)
    
    ticket: 8089 (new)
    version_fixed: 1.11.6
    status: resolved

 src/lib/krb5/krb/vfy_increds.c |    6 +++---
 1 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/src/lib/krb5/krb/vfy_increds.c b/src/lib/krb5/krb/vfy_increds.c
index e88a37f..4833992 100644
--- a/src/lib/krb5/krb/vfy_increds.c
+++ b/src/lib/krb5/krb/vfy_increds.c
@@ -69,9 +69,9 @@ copy_creds_except(krb5_context context, krb5_ccache incc,
 
     while (!(ret = krb5_cc_next_cred(context, incc, &cur, &creds))) {
         if (krb5_principal_compare(context, princ, creds.server))
-            continue;
-
-        ret = krb5_cc_store_cred(context, outcc, &creds);
+            ret = 0;
+        else
+            ret = krb5_cc_store_cred(context, outcc, &creds);
         krb5_free_cred_contents(context, &creds);
         if (ret)
             goto cleanup;


More information about the cvs-krb5 mailing list