Patch 3/9: greet_kdc_sign() must always free if_relevant

Alexandr Nedvedicky alexandr.nedvedicky at
Mon Feb 19 19:47:08 EST 2018


I'm upgrading the Kerberos bundled with Solaris to krb5-1.16. Solaris currently
ships krb5-1.15.1. I've noticed there are some memory leaks while running the test
suite which comes with krb-1.16 (e.g. running 'make check').  I don't think
those memory leaks are critical, though as a Kerberos newbie I can't be sure, so
I think it's better to share my findings. All memory leaks were found using
'libumem', which can be found on Solaris (or its OSS sibling illumos).
All patches are against the krb5-1.16 release.

The patch fixes a KDC memory leak in the greet_kdc_sign() function. if_relevant
is a local variable whose value never leaves the scope of the function.
I think we always want to release it regardless of the value of `code`.

I can confirm the patch plugs the leak without introducing any failures to
kerberos test suite.


diff --git a/src/plugins/authdata/greet_server/greet_auth.c b/src/plugins/authdata/greet_server/greet_auth.c
index 1f1e9de43..a63fbda69 100644
--- a/src/plugins/authdata/greet_server/greet_auth.c
+++ b/src/plugins/authdata/greet_server/greet_auth.c
@@ -83,10 +83,10 @@ greet_kdc_sign(krb5_context context,
     if (code == 0) {
         krb5_free_authdata(context, enc_tkt_reply->authorization_data);
         enc_tkt_reply->authorization_data = tkt_authdata;
-    } else {
-        krb5_free_authdata(context, if_relevant);
+    krb5_free_authdata(context, if_relevant);
     krb5_free_authdata(context, kdc_issued);
     return code;
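
Review bot: The now-unconditional `krb5_free_authdata(context, if_relevant);` also runs on the `code == 0` path, immediately after `enc_tkt_reply->authorization_data = tkt_authdata;`, so it is only safe if `tkt_authdata` owns its own copies and holds no pointers into `if_relevant`. The visible lines do not show how `tkt_authdata` is built, so please state in the commit message that the merge step copies its inputs; otherwise this turns a leak into a use-after-free or double free when the ticket's authorization data is later freed. Also, as rendered here the hunk removes `} else {` without showing the closing `}` of the `if (code == 0) {` block, so check that the applied result places the free after that brace rather than inside the success branch.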
