[krbdev.mit.edu #9086] git commit
Greg Hudson via RT
rt-comment at krbdev.mit.edu
Wed Mar 1 22:06:06 EST 2023
Wed Mar 01 22:06:06 2023: Request 9086 was acted upon.
Transaction: Ticket created by ghudson at mit.edu
Queue: krb5
Subject: git commit
Owner: ghudson at mit.edu
Requestors:
Status: new
Ticket <URL: https://krbdev.mit.edu/rt/Ticket/Display.html?id=9086 >
Fix possible double-free during KDB creation
In krb5_dbe_def_encrypt_key_data(), when we free
key_data->key_data_contents[0], reset it to null so the caller doesn't
free it as well.
Since commit a06945b4ec267e8b80e5e8c95edd89930ff12103 this bug
manifests as a double-free during KDB creation if master key
encryption fails.
[ghudson at mit.edu: edited commit message]
https://github.com/krb5/krb5/commit/fddd419fc4112a118d8091e296cc2bfa8d8f777b
Author: Julien Rische <jrische at redhat.com>
Committer: Greg Hudson <ghudson at mit.edu>
Commit: fddd419fc4112a118d8091e296cc2bfa8d8f777b
Branch: master
src/lib/kdb/encrypt_key.c | 2 ++
1 file changed, 2 insertions(+)
More information about the krb5-bugs
mailing list