krb5 commit [krb5-1.16]: Fix OTP secret file leak and whitespace removal

Tue Oct 30 12:25:38 EDT 2018

https://github.com/krb5/krb5/commit/e7e666c8ecd0f2e515a28dcc8eb6b67a3557243a
commit e7e666c8ecd0f2e515a28dcc8eb6b67a3557243a
Author: Greg Hudson <ghudson at mit.edu>
Date:   Tue Jun 26 12:47:10 2018 -0400

    Fix OTP secret file leak and whitespace removal
    
    In read_secret_file() in the OTP kdcpreauth module, add a cleanup
    label and free filename on exit.  Also fix the whitespace stripping
    code to correctly find the end offset, and use size_t rather than int
    offsets.  The leak was reported by Bean Zhang.
    
    (cherry picked from commit 396c736c0add2e13f4a9aaaefc9c86445b701953)
    
    ticket: 8704
    version_fixed: 1.16.2

 src/plugins/preauth/otp/otp_state.c |   15 +++++++++------
 1 files changed, 9 insertions(+), 6 deletions(-)

diff --git a/src/plugins/preauth/otp/otp_state.c b/src/plugins/preauth/otp/otp_state.c
index 5ba3d91..7c76bd0 100644
--- a/src/plugins/preauth/otp/otp_state.c
+++ b/src/plugins/preauth/otp/otp_state.c
@@ -84,23 +84,23 @@ read_secret_file(const char *secret_file, char **secret)
 {
     char buf[MAX_SECRET_LEN];
     krb5_error_code retval;
-    char *filename;
+    char *filename = NULL;
     FILE *file;
-    int i, j;
+    size_t i, j;
 
     *secret = NULL;
 
     retval = k5_path_join(KDC_DIR, secret_file, &filename);
     if (retval != 0) {
         com_err("otp", retval, "Unable to resolve secret file '%s'", filename);
-        return retval;
+        goto cleanup;
     }
 
     file = fopen(filename, "r");
     if (file == NULL) {
         retval = errno;
         com_err("otp", retval, "Unable to open secret file '%s'", filename);
-        return retval;
+        goto cleanup;
     }
 
     if (fgets(buf, sizeof(buf), file) == NULL)
@@ -108,7 +108,7 @@ read_secret_file(const char *secret_file, char **secret)
     fclose(file);
     if (retval != 0) {
         com_err("otp", retval, "Unable to read secret file '%s'", filename);
-        return retval;
+        goto cleanup;
     }
 
     /* Strip whitespace. */
@@ -116,12 +116,15 @@ read_secret_file(const char *secret_file, char **secret)
         if (!isspace(buf[i]))
             break;
     }
-    for (j = strlen(buf) - i; j > 0; j--) {
+    for (j = strlen(buf); j > i; j--) {
         if (!isspace(buf[j - 1]))
             break;
     }
 
     *secret = k5memdup0(&buf[i], j - i, &retval);
+
+cleanup:
+    free(filename);
     return retval;
 }
 
