[krbdev.mit.edu #3790] memory leak in GSSAPI credential releasing code

The RT System itself via RT rt-comment at krbdev.mit.edu
Wed May 24 16:30:57 EDT 2006


>From krb5-bugs-incoming-bounces at PCH.mit.edu  Wed May 24 16:30:50 2006
Received: from pch.mit.edu (PCH.MIT.EDU [18.7.21.90]) by krbdev.mit.edu (8.9.3p2) with ESMTP
	id QAA19608; Wed, 24 May 2006 16:30:50 -0400 (EDT)
Received: from pch.mit.edu (pch.mit.edu [127.0.0.1])
	by pch.mit.edu (8.13.6/8.12.8) with ESMTP id k4OKUFOE025721
	for <krb5-send-pr at krbdev.mit.edu>; Wed, 24 May 2006 16:30:15 -0400
Received: from pacific-carrier-annex.mit.edu (PACIFIC-CARRIER-ANNEX.MIT.EDU
	[18.7.21.83])
	by pch.mit.edu (8.13.6/8.12.8) with ESMTP id k4OEcf1n032572
	for <krb5-bugs-incoming at PCH.mit.edu>; Wed, 24 May 2006 10:38:41 -0400
Received: from skamandros.sncag.com ([217.111.56.2])
	by pacific-carrier-annex.mit.edu (8.13.6/8.9.2) with ESMTP id
	k4OEbU1W014644
	for <krb5-bugs at mit.edu>; Wed, 24 May 2006 10:38:03 -0400 (EDT)
Received: from skamandros.sncag.com (localhost [127.0.0.1])
	by skamandros.sncag.com (8.13.4/8.13.4/Debian-3sarge1) with ESMTP id
	k4OEbULG012821
	for <krb5-bugs at mit.edu>; Wed, 24 May 2006 16:37:30 +0200
Received: (from rw at localhost)
	by skamandros.sncag.com (8.13.4/8.13.4/Submit) id k4OEbTB7012818;
	Wed, 24 May 2006 16:37:29 +0200
Date: Wed, 24 May 2006 16:37:29 +0200
From: Rainer Weikusat <rainer.weikusat at sncag.com>
Message-Id: <200605241437.k4OEbTB7012818 at skamandros.sncag.com>
To: krb5-bugs at mit.edu
Subject: memory leak in GSSAPI acquire/ release cred
X-send-pr-version: 3.99
X-Spam-Score: -2.599
X-Spam-Flag: NO
X-Scanned-By: MIMEDefang 2.42
X-Mailman-Approved-At: Wed, 24 May 2006 16:30:14 -0400
X-BeenThere: krb5-bugs-incoming at mailman.mit.edu
X-Mailman-Version: 2.1.6
Precedence: list
Reply-To: rainer.weikusat at sncag.com
Sender: krb5-bugs-incoming-bounces at PCH.mit.edu
Errors-To: krb5-bugs-incoming-bounces at PCH.mit.edu


>Submitter-Id:	net
>Originator:	Rainer Weikusat
>Organization:
	SNC AG
>Confidential:	no
>Synopsis:	memory leak in GSSAPI credential releasing code
>Severity:	serious
>Category:	krb5-libs
>Class:		sw-bug
>Release:	1.4.3
>Environment:
	
System: Linux skamandros 2.6.16.16 #4 SMP Fri May 12 18:31:50 CEST 2006 i686 GNU/Linux
Architecture: i686

>Description:
	The gss_krb5_set_allowable_enctypes routine in src/lib/gssapi/krb5/set_allowable_enctypes.c
	allocates memory for an array of requested enctypes and stores a pointer to that
	in the req_enctypes member of the krb5_gss_cred_id_rec structure. This memory is
	not freed by the krb5_gss_release_cred routine in src/lib/gssapi/krb5/rel_cred.c,
	leading to a memory leak.
>Fix:
diff -u -r1.1.1.1 -r1.1.1.1.2.1
--- kerberos-mmfix/src/lib/gssapi/krb5/rel_cred.c	19 Mar 2006 14:41:59 -0000	1.1.1.1
+++ kerberos-mmfix/src/lib/gssapi/krb5/rel_cred.c	24 May 2006 14:00:05 -0000	1.1.1.1.2.1
@@ -70,6 +70,10 @@
       code3 = 0;
    if (cred->princ)
       krb5_free_principal(context, cred->princ);
+
+   if (cred->req_enctypes)
+      xfree(cred->req_enctypes);
+   
    xfree(cred);
    krb5_free_context(context);




More information about the krb5-bugs mailing list