[krbdev.mit.edu #6211] pam_sam leaking outer krb5_data created by encode_krb5_sam_response

Alexandra Ellwood via RT rt-comment at krbdev.mit.edu
Tue Oct 21 15:43:02 EDT 2008


encode_krb5_sam_response allocates a krb5_data (including the outer structure) and returns it 
in scratch.  pa_sam takes the content buffer and length out of scratch and puts them in pa 
(which will be returned to the caller), but does not free the outer buffer.

Should probably be freed with krb5_xfree() or krb5_free_data after the length field has been set 
to 0 and the data field set to NULL.

(Found with leak checker)



More information about the krb5-bugs mailing list