krb5 commit: Fix leak in FAST OTP client processing

Wed Aug 10 13:51:40 EDT 2016

https://github.com/krb5/krb5/commit/7029efc11525299b87b9024280ef1d9f82059ec5
commit 7029efc11525299b87b9024280ef1d9f82059ec5
Author: Greg Hudson <ghudson at mit.edu>
Date:   Tue Jun 28 21:38:57 2016 -0400

    Fix leak in FAST OTP client processing
    
    In set_pa_data(), after encoding the OTP request and stealing the
    pointer from the resulting krb5_data object, free the krb5_data
    container.
    
    ticket: 8443 (new)
    target_version: 1.14-next
    target_version: 1.13-next
    tags: pullup

 src/lib/krb5/krb/preauth_otp.c |    1 +
 1 files changed, 1 insertions(+), 0 deletions(-)

diff --git a/src/lib/krb5/krb/preauth_otp.c b/src/lib/krb5/krb/preauth_otp.c
index 01c48b4..48fcbb5 100644
--- a/src/lib/krb5/krb/preauth_otp.c
+++ b/src/lib/krb5/krb/preauth_otp.c
@@ -835,6 +835,7 @@ set_pa_data(const krb5_pa_otp_req *req, krb5_pa_data ***pa_data_out)
         goto error;
     out[0]->contents = (krb5_octet *)tmp->data;
     out[0]->length = tmp->length;
+    free(tmp);
 
     *pa_data_out = out;
     return 0;
