krb5 commit [krb5-1.15]: Fix memory leak in KDC PKINIT code
Greg Hudson
ghudson at mit.edu
Wed May 2 01:25:59 EDT 2018
https://github.com/krb5/krb5/commit/57c70d882371fee7a1fca172d4a64f8f898b5c92
commit 57c70d882371fee7a1fca172d4a64f8f898b5c92
Author: sashan <anedvedicky at gmail.com>
Date: Tue Feb 20 23:03:36 2018 +0100
Fix memory leak in KDC PKINIT code
Commit e5c77a11341a79e6af1e5aef7c587a5b75a9e378 introduced a memory
leak of the client public key in server_process_dh(). Free
client_pubkey on success as well as failure.
(cherry picked from commit cefc250efd71515dd665b606bcb993e617068758)
ticket: 8644
version_fixed: 1.15.3
src/plugins/preauth/pkinit/pkinit_crypto_openssl.c | 1 +
1 files changed, 1 insertions(+), 0 deletions(-)
diff --git a/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c b/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c
index 4b86a6f..8d565e2 100644
--- a/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c
+++ b/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c
@@ -2991,6 +2991,7 @@ server_process_dh(krb5_context context,
retval = 0;
+ BN_free(client_pubkey);
if (dh_server != NULL)
DH_free(dh_server);
return retval;
More information about the cvs-krb5
mailing list