[krbdev.mit.edu #8509] Leak in krb5_cccol_have_content with truncated ccache
Todd Lipcon via RT
rt-comment at krbdev.mit.edu
Thu Oct 20 17:01:39 EDT 2016
If I set KRB5_CCNAME to an empty file (eg /dev/null or a truncated regular
file) then krb5_cccol_have_content leaks the 'cache' local variable,
because krb5_cc_start_seq_get returns an error.
I'm seeing this on krb5 1.12 but looking at the trunk code the issue seems
to be the same.
It's obviously low priority since a truncated ticket cache isn't a normal
phenomenon, but ran into this and figured I'd report it.
-Todd
--
Todd Lipcon
Software Engineer, Cloudera
More information about the krb5-bugs
mailing list