[krbdev.mit.edu #8357] memleak in gssint_get_mechanism()
Will Fiveash via RT
rt-comment at krbdev.mit.edu
Wed Feb 10 16:59:20 EST 2016
[wfiveash - Wed Feb 10 16:56:57 2016]:
> In gssint_get_mechanism() there is:
>
> if (krb5int_open_plugin(aMech->uLibName, &dl, &errinfo) != 0 ||
> errinfo.code != 0) {
> #if 0
> (void) syslog(LOG_INFO, "libgss dlopen(%s): %s\n",
> aMech->uLibName, dlerror());
> #endif
> k5_mutex_unlock(&g_mechListLock);
> return ((gss_mechanism)NULL);
> }
>
> I think k5_clear_error(&errinfo) should be called before the return here
> to avoid leaking memory allocated to errinfo.
Also the call to krb5int_get_plugin_func() in gssint_get_mechanism() has
similar issues.
More information about the krb5-bugs
mailing list