krb5 commit: Use zapfreedata() where appropriate

Greg Hudson ghudson at mit.edu
Fri Mar 15 12:07:41 EDT 2019


https://github.com/krb5/krb5/commit/e2ec54b6ad2477a6669ff629865bd4adfba662b2
commit e2ec54b6ad2477a6669ff629865bd4adfba662b2
Author: Greg Hudson <ghudson at mit.edu>
Date:   Thu Mar 14 11:54:00 2019 -0400

    Use zapfreedata() where appropriate

 src/lib/krb5/krb/mk_cred.c |    8 ++------
 src/lib/krb5/krb/mk_priv.c |    7 ++-----
 src/lib/krb5/krb/mk_safe.c |    3 +--
 src/lib/krb5/krb/rd_safe.c |    5 +----
 4 files changed, 6 insertions(+), 17 deletions(-)

diff --git a/src/lib/krb5/krb/mk_cred.c b/src/lib/krb5/krb/mk_cred.c
index 62224f1..c0d7b38 100644
--- a/src/lib/krb5/krb/mk_cred.c
+++ b/src/lib/krb5/krb/mk_cred.c
@@ -59,8 +59,7 @@ encrypt_credencpart(krb5_context context, krb5_cred_enc_part *encpart,
     ret = k5_encrypt_keyhelper(context, key, KRB5_KEYUSAGE_KRB_CRED_ENCPART,
                                der_enccred, encdata_out);
 
-    zap(der_enccred->data, der_enccred->length);
-    krb5_free_data(context, der_enccred);
+    zapfreedata(der_enccred);
     return ret;
 }
 
@@ -208,10 +207,7 @@ cleanup:
     krb5_free_data_contents(context, &enc.ciphertext);
     free(lstorage.contents);
     free(rstorage.contents);
-    if (der_krbcred != NULL) {
-        zap(der_krbcred->data, der_krbcred->length);
-        krb5_free_data(context, der_krbcred);
-    }
+    zapfreedata(der_krbcred);
     return ret;
 }
 
diff --git a/src/lib/krb5/krb/mk_priv.c b/src/lib/krb5/krb/mk_priv.c
index d023169..b537a2c 100644
--- a/src/lib/krb5/krb/mk_priv.c
+++ b/src/lib/krb5/krb/mk_priv.c
@@ -50,7 +50,7 @@ create_krbpriv(krb5_context context, const krb5_data *userdata,
     krb5_error_code ret;
     krb5_priv privmsg;
     krb5_priv_enc_part encpart;
-    krb5_data *der_encpart, *der_krbpriv;
+    krb5_data *der_encpart = NULL, *der_krbpriv;
     size_t enclen;
 
     memset(&privmsg, 0, sizeof(privmsg));
@@ -97,10 +97,7 @@ create_krbpriv(krb5_context context, const krb5_data *userdata,
 cleanup:
     zapfree(privmsg.enc_part.ciphertext.data,
             privmsg.enc_part.ciphertext.length);
-    if (der_encpart != NULL) {
-        zap(der_encpart->data, der_encpart->length);
-        krb5_free_data(context, der_encpart);
-    }
+    zapfreedata(der_encpart);
     return ret;
 }
 
diff --git a/src/lib/krb5/krb/mk_safe.c b/src/lib/krb5/krb/mk_safe.c
index 8a10616..151a06e 100644
--- a/src/lib/krb5/krb/mk_safe.c
+++ b/src/lib/krb5/krb/mk_safe.c
@@ -78,8 +78,7 @@ create_krbsafe(krb5_context context, const krb5_data *userdata, krb5_key key,
     ret = krb5_k_make_checksum(context, sumtype, key,
                                KRB5_KEYUSAGE_KRB_SAFE_CKSUM, der_krbsafe,
                                &safe_checksum);
-    zap(der_krbsafe->data, der_krbsafe->length);
-    krb5_free_data(context, der_krbsafe);
+    zapfreedata(der_krbsafe);
     if (ret)
         return ret;
 
diff --git a/src/lib/krb5/krb/rd_safe.c b/src/lib/krb5/krb/rd_safe.c
index 17f2b27..7b7a30c 100644
--- a/src/lib/krb5/krb/rd_safe.c
+++ b/src/lib/krb5/krb/rd_safe.c
@@ -117,10 +117,7 @@ read_krbsafe(krb5_context context, krb5_auth_context ac,
     safe_cksum = NULL;
 
 cleanup:
-    if (der_zerosafe != NULL) {
-        zap(der_zerosafe->data, der_zerosafe->length);
-        krb5_free_data(context, der_zerosafe);
-    }
+    zapfreedata(der_zerosafe);
     krb5_free_data(context, safe_body);
     krb5_free_safe(context, krbsafe);
     krb5_free_checksum(context, safe_cksum);


More information about the cvs-krb5 mailing list