memleak in gss_add_cred_with_password in krb 1.12.1 and 1.13.1

Greg Hudson ghudson at
Fri Jun 19 17:35:24 EDT 2015

On 06/18/2015 12:13 PM, Sorin Manolache wrote:
> I think I've found a memory leak in gss_add_cred_with_password, in krb5 
> 1.12.1 and 1.13.1.
> The gss_OID_set target_mechs in gss_add_cred_with_password 
> (lib/gssapi/mechglue/g_acquire_cred_with_pw.c) is not released if the 
> function returns GSS_S_COMPLETE.

Thanks; I have filed a pull request.  This should be fixed in 1.13.3 and
probably also a 1.12.x patch release.

Be aware that we are planning to change the behavior of
gss_acquire_cred_with_password in 1.14 as discussed here:

More information about the krbdev mailing list