[PATCH 4/4] Use gssalloc_malloc()/gssalloc_free() with gss_buffer_t.
Nico Williams
nico at cryptonector.com
Wed Sep 28 17:03:03 EDT 2011
On Wed, Sep 28, 2011 at 2:50 PM, Sam Hartman
<hartmans at painless-security.com> wrote:
> From: Kevin Wasserman <kevin.wasserman at painless-security.com>
>
> gss_buffer_t may be freed in a different module from where they
> are allocated so it is not safe to use malloc/free.
>
> Signed-off-by: Kevin Wasserman <kevin.wasserman at painless-security.com>
...
> diff --git a/src/appl/gss-sample/gss-client.c b/src/appl/gss-sample/gss-client.c
> index 1cb797d..927681f 100644
> --- a/src/appl/gss-sample/gss-client.c
> +++ b/src/appl/gss-sample/gss-client.c
> @@ -65,6 +65,7 @@
>
> #include <gssapi/gssapi_generic.h>
> #include <gssapi/gssapi_krb5.h>
> +#include <gssapi/gssapi_alloc.h>
> #include <gssapi/gssapi_ext.h>
> #include "gss-misc.h"
> #include "port-sockets.h"
> @@ -308,7 +309,7 @@ client_establish_context(int s, char *service_name, OM_uint32 gss_flags,
> NULL); /* time_rec */
>
> if (token_ptr != GSS_C_NO_BUFFER)
> - free(recv_tok.value);
> + gssalloc_free(recv_tok.value);
Er, no, none of the apps should be using new functions, only
gss_release_buffer() when they were free()ing (or, free() when they
were using gss_release_buffer() for application-allocated buffers).
Nico
--
More information about the krbdev
mailing list