]> git.ipfire.org Git - thirdparty/samba.git/commitdiff
projects / thirdparty / samba.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 149d436)
s4:kdc: Fix memory leak of padata_value
authorIvan Korytov <korytovip@basealt.ru>
Fri, 21 Feb 2025 11:22:41 +0000 (14:22 +0300)
committerDouglas Bagnall <dbagnall@samba.org>
Tue, 3 Jun 2025 21:54:34 +0000 (21:54 +0000)
md.padata_value is not needed even if no error occurred.
kdc_request_add_encrypted_padata copies data from it to newly allocated r->ek.encrypted_pa_data.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15813

Signed-off-by: Ivan Korytov <korytovip@basealt.ru>
Reviewed-by: Jennifer Sutton <jennifersutton@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
source4/kdc/wdc-samba4.c patch | blob | blame | history

diff --git a/source4/kdc/wdc-samba4.c b/source4/kdc/wdc-samba4.c
index 0741c0878afd39bffb4939028a0d13aaf9645b30..9d464a70560e59bcb7fef3bcb12caeaf6ae17cbd 100644 (file)
--- a/source4/kdc/wdc-samba4.c
+++ b/source4/kdc/wdc-samba4.c
@@ -737,12 +737,9 @@ static krb5_error_code samba_wdc_finalize_reply(void *priv,
                md.padata_type = KRB5_PADATA_SUPPORTED_ETYPES;
 
                ret = kdc_request_add_encrypted_padata(r, &md);
+               krb5_data_free(&md.padata_value);
                if (ret != 0) {
-                       /*
-                        * So we do not leak the allocated
-                        * memory on md in the error case
-                        */
-                       krb5_data_free(&md.padata_value);
+                       return ret;
                }
        }
 
Mirror of https://github.com/samba-team/samba.git