[krbdev.mit.edu #2722] Outstanding allocation of krb5_copy_principal() after calling krb5_get_init_creds_password

Public Submitter via RT rt-comment at krbdev.mit.edu
Fri Sep 24 11:44:19 EDT 2004


Ok, now I see the problem.  I missed an api call that I made...

krb5_get_init_creds_password( ctx, creds, ... );

Then I do a few more API calls, and found this:

krb5_parse_name( ctx, szHostPrincipal, &creds.server );

This over-writes the prior server credentials from creds_password (which
was "krbtgt").

Is this a bug, or user error?  If possible, could we avoid this type of
"user error" by freeing the principal that was in creds.server within
the krb5_parse_name()?

So that if you parse_name and store the principal name the API would
check to see if one exists first, and delete it.  THEN store the new one?

To avoid the leak what I did was:

krb5_get_init_creds_password( ctx, creds, ... );
krb5_cc_store_cred()
krb5_free_principal( ctx, creds.server );
krb5_parse_name( ctx, szHostPrincipal, &creds.server );


Just wondering if that request is something that you guys feel would be
a good addition.  And if you don't, feel free to call this "functions as
designed"

Thanks,

Ds.
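
A minimal C model of the ownership problem described in this message, added here as an example and not code from the poster or from MIT krb5: `principal`, `creds_t` and the `model_*` functions are hypothetical stand-ins for the libkrb5 types and calls, with a counter in place of a leak checker. It goes one step beyond the workaround in the post by parsing into a temporary first, so a failed parse leaves the old principal in place rather than a freed pointer.

```c
#include <stdio.h>
#include <stdlib.h>

/* Stand-ins for this sketch only; they are NOT the libkrb5 types or calls. */
typedef struct { char name[128]; } principal;
typedef struct { principal *server; } creds_t;
static int live_principals = 0;          /* outstanding allocations */

/* Models an out-parameter parser such as krb5_parse_name(): it allocates a
 * new principal into *out and never looks at what *out held before. */
static int model_parse_name(const char *s, principal **out) {
    if (s == NULL || *s == '\0') return -1;   /* failure: *out untouched */
    principal *p = malloc(sizeof *p);
    if (p == NULL) return -1;
    snprintf(p->name, sizeof p->name, "%s", s);
    live_principals++;
    *out = p;
    return 0;
}

static void model_free_principal(principal *p) {
    if (p == NULL) return;
    free(p);
    live_principals--;
}

/* Pattern from the post: parse straight into creds->server. */
static int overwrite_server(creds_t *c, const char *s) {
    return model_parse_name(s, &c->server);
}

/* Parse into a temporary, then free the old principal and swap. */
static int replace_server(creds_t *c, const char *s) {
    principal *tmp = NULL;
    if (model_parse_name(s, &tmp) != 0) return -1;  /* old value kept */
    model_free_principal(c->server);
    c->server = tmp;
    return 0;
}

/* Principals still allocated after the caller frees creds.server once. */
static int leaked_after(int (*set_server)(creds_t *, const char *)) {
    creds_t c = { NULL };
    live_principals = 0;
    model_parse_name("krbtgt/EXAMPLE.COM@EXAMPLE.COM", &c.server); /* constructed */
    set_server(&c, "host/server.example.com@EXAMPLE.COM");         /* constructed */
    model_free_principal(c.server);
    return live_principals;
}

int main(void) {
    printf("overwrite in place: %d leaked\n", leaked_after(overwrite_server));
    printf("parse, free, swap:  %d leaked\n", leaked_after(replace_server));
    return 0;
}
```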

