[krbdev.mit.edu #8271] git commit
Tom Yu via RT
rt-comment at krbdev.mit.edu
Wed Oct 28 19:27:14 EDT 2015
Zap secure cookie contents when freeing
Secure cookies are intended to hold secret values which may contribute
to key data, and therefore should be sanitized when released. Also
fix a memory leak in kdc_fast_make_cookie().
(cherry picked from commit 73f0ee229fdd2e888bdefe580bb183d2a6c57365)
https://github.com/krb5/krb5/commit/54393f97906996b7a20c3abf0948a04ce9062f49
Author: Greg Hudson <ghudson at mit.edu>
Committer: Tom Yu <tlyu at mit.edu>
Commit: 54393f97906996b7a20c3abf0948a04ce9062f49
Branch: krb5-1.14
src/include/k5-int.h | 3 +++
src/kdc/fast_util.c | 12 ++++++++----
src/lib/krb5/krb/kfree.c | 16 +++++++++++++++-
src/lib/krb5/libkrb5.exports | 1 +
4 files changed, 27 insertions(+), 5 deletions(-)
More information about the krb5-bugs
mailing list