[krbdev.mit.edu #8645] git commit

Greg Hudson via RT rt-comment at KRBDEV-PROD-APP-1.mit.edu
Wed May 2 01:26:02 EDT 2018


Fix KDC encrypting key memory leak on some errors

Commit 0ba5ccd7bb3ea15e44a87f84ca6feed8890f657d separated the
allocation and destruction of encrypting_key, causing it to leak when
any of the intervening calls jump to the cleanup label.  Currently the
leak manifests on transited or authdata failures.  Move encrypting_key
destruction to the cleanup label so that it can't leak.  Reported by
anedvedicky at gmail.com.

(cherry picked from commit 1bcf2742d504a22b7354251bbc1e19c3dacd95f3)

https://github.com/krb5/krb5/commit/b294627169fba270dbd78cff5e1408a21051b266
Author: Greg Hudson <ghudson at mit.edu>
Commit: b294627169fba270dbd78cff5e1408a21051b266
Branch: krb5-1.15
 src/kdc/do_tgs_req.c |    5 +++--
 1 files changed, 3 insertions(+), 2 deletions(-)



More information about the krb5-bugs mailing list