possible mem leak in add_key_rnd()?

Will Fiveash William.Fiveash at sun.com
Thu Nov 3 18:36:47 EST 2005

On Wed, Nov 02, 2005 at 01:54:27PM -0500, Tom Yu wrote:
> >>>>> "Will" == Will Fiveash <William.Fiveash at sun.com> writes:
> Will> In kdb_cpw.c:add_key_rnd() line 206 I see:
> tptr-> key_data_contents[k] = krb5_db_alloc(context, NULL, tmp_key_data.key_data_length[k]);
> Will> but I did not see that tptr->key_data_contents[k] was free()'ed before
> Will> this assignment.  Am I wrong in thinking that this is a memory leak?
> Hm, I don't think it's a leak; tptr points to a newly allocated
> krb5_key_data, so tptr->key_data_contents[k] doesn't contain a valid
> pointer.  Which version are you looking at, anyway?

I'm looking at kdb_cpw.c in the svn trunk.  I missed the earlier:

        if ((retval = krb5_dbe_create_key_data(context, db_entry)))

so I understand your take on my memory leak concern.  However when I
look at krb5_dbe_create_key_data() I see:

    if ((entry->key_data =
     (krb5_key_data *) krb5_db_alloc(context, entry->key_data,
                     (sizeof(krb5_key_data) *
                      (entry->n_key_data + 1)))) == NULL)

Given db_entry is passed to krb5_dbe_create_key_data() it seems risky to
me that the function assumes that entry->key_data doesn't exist.
Perhaps it should test entry->key_data == NULL first.

Will Fiveash
Sun Microsystems Inc.
Austin, TX, USA (TZ=CST6CDT)

More information about the krbdev mailing list