krb5 commit [krb5-1.20]: Fix memory leak in SPAKE kdcpreauth module
ghudson at mit.edu
ghudson at mit.edu
Tue Nov 15 11:31:27 EST 2022
https://github.com/krb5/krb5/commit/a7a99db31c532c5616814853354a048fc865df06
commit a7a99db31c532c5616814853354a048fc865df06
Author: sashan <anedvedicky at gmail.com>
Date: Thu May 26 08:51:10 2022 +0200
Fix memory leak in SPAKE kdcpreauth module
Commit ff57dc682a27bd205d715f3c0bed84890f2453c4 introduced a memory
leak into verify_response(). reply_key is no longer passed to the
callback and therefore needs to be freed by this function.
[ghudson at mit.edu: rewrote commit message]
(cherry picked from commit 445e1b32767af3041ffd1823996d05ffec6fc9d5)
ticket: 9061
version_fixed: 1.20.1
src/plugins/preauth/spake/spake_kdc.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/src/plugins/preauth/spake/spake_kdc.c b/src/plugins/preauth/spake/spake_kdc.c
index 687cdc9e0..1a772d450 100644
--- a/src/plugins/preauth/spake/spake_kdc.c
+++ b/src/plugins/preauth/spake/spake_kdc.c
@@ -469,6 +469,7 @@ cleanup:
zapfree(spakeresult.data, spakeresult.length);
krb5_free_data_contents(context, &thash);
krb5_free_keyblock(context, k1);
+ krb5_free_keyblock(context, reply_key);
k5_free_spake_factor(context, factor);
(*respond)(arg, ret, NULL, NULL, NULL);
}
More information about the cvs-krb5
mailing list