[krbdev.mit.edu #5233] Change in behaviour in gss_release_buffer() by mechtypes introduces memory leak
Tom Yu via RT
rt-comment at krbdev.mit.edu
Fri Dec 29 17:20:53 EST 2006
>>>>> "Ezra" == Ezra Peisach via RT <rt-comment at krbdev.mit.edu> writes:
Ezra> Sam Hartman via RT wrote:
>> Note that callers should not be releasing buffers that they allocated.
>> So I think we need only be consistent within our implementation and
>> within mechanisms that plug into our implementation.
>>
>>
Ezra> Exactly.... The mechanism interface has changed the implementation
Ezra> requirements. The release_buffer is not passed down to the mech
Ezra> specific handlers. So - self consistency in the implementation would
Ezra> now require a change in the k5sealv3.c code...
I think some interpretations of the spec require that an application
be able to assume that a zero length buffer doesn't need to be
released. We should probably adjust k5sealv3.c to be consistent with
that.
More information about the krb5-bugs
mailing list