From: Greg Hudson <ghudson@mit.edu>
Date: Wed, 29 Jun 2016 01:38:57 +0000 (-0400)
Subject: Fix leak in FAST OTP client processing
X-Git-Tag: krb5-1.14.4-final~28
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=0ff6cf86d047aeb246ac183c5b5d56ff1de8223b;p=thirdparty%2Fkrb5.git

Fix leak in FAST OTP client processing

In set_pa_data(), after encoding the OTP request and stealing the
pointer from the resulting krb5_data object, free the krb5_data
container.

(cherry picked from commit 7029efc11525299b87b9024280ef1d9f82059ec5)

ticket: 8443
version_fixed: 1.14.4
---

diff --git a/src/lib/krb5/krb/preauth_otp.c b/src/lib/krb5/krb/preauth_otp.c
index 3de528b5ae..37f98b2924 100644
--- a/src/lib/krb5/krb/preauth_otp.c
+++ b/src/lib/krb5/krb/preauth_otp.c
@@ -830,6 +830,7 @@ set_pa_data(const krb5_pa_otp_req *req, krb5_pa_data ***pa_data_out)
         goto error;
     out[0]->contents = (krb5_octet *)tmp->data;
     out[0]->length = tmp->length;
+    free(tmp);
 
     *pa_data_out = out;
     return 0;