krb5_free_data
Tom Yu
tlyu at MIT.EDU
Sat Jun 21 20:09:37 EDT 2014
Markus Moeller <huaraz at moeller.plus.com> writes:
> (gdb) where
> #0 0x00007ffff5f911b5 in *__GI_raise (sig=<value optimized out>) at
> ../nptl/sysdeps/unix/sysv/linux/raise.c:64
> #1 0x00007ffff5f93fc0 in *__GI_abort () at abort.c:92
> #2 0x00007ffff5fc75bb in __libc_message (do_abort=<value optimized out>,
> fmt=<value optimized out>) at ../sysdeps/unix/sysv/linux/libc_fatal.c:189
> #3 0x00007ffff5fd0e16 in malloc_printerr (action=3, str=0x7ffff6088748
> "double free or corruption (fasttop)", ptr=<value optimized out>)
> at malloc.c:6267
> #4 0x00007ffff5fd5b8c in *__GI___libc_free (mem=<value optimized out>) at
> malloc.c:3739
> #5 0x00007ffff7939472 in krb5_free_data (context=<value optimized out>,
> val=0x6171f0) at ../../../../src/lib/krb5/krb/kfree.c:253
> #6 0x00000000004051a4 in get_ad_groups (ad_groups=0x7fffffffaff0 "",
> context=0x60f9e0, pac=0x0) at negotiate_kerberos_pac.cc:464
> #7 0x0000000000403265 in main (argc=5, argv=0x7fffffffe0e8) at
> negotiate_kerberos_auth.cc:419
>
> and line 253 is free(val->data)
>
> The code I have is the following and I get an error in krb5_pac_get_buffer:
> Invalid argument
>
>
> ad_data = (krb5_data *)xmalloc(sizeof(krb5_data));
>
> #define KERB_LOGON_INFO 1
> ret = krb5_pac_get_buffer(context, pac, KERB_LOGON_INFO, ad_data);
> if (check_k5_err(context, "krb5_pac_get_buffer", ret))
> goto k5clean;
>
>
> k5clean:
> krb5_free_data(context, ad_data);
>
> Maybe there is something wrong. I usually do not get this error, but I don't
> know why it happens sometimes.
It appears that krb5_pac_get_buffer() does not initialize its output
parameter on error conditions. This is probably a bug. As a
workaround, consider using calloc() to allocate ad_data so that the
pointer gets initialized to NULL.
More information about the krbdev
mailing list