Use DB allocators for default key data encryption

krb5_dbe_def_encrypt_key_data() is used by KDB modules as the default
encryption functions.  It deals with structures allocated or freed by
the KDB module, so it needs to use the module's memory allocation
functions.

diff --git a/src/lib/kdb/encrypt_key.c b/src/lib/kdb/encrypt_key.c
index 2ca4632766a4ceb0ca56e3ed6f49454a1514c22f..dafe6124ab09b749896545fc066aaf3dee57a10b 100644 (file)
--- a/src/lib/kdb/encrypt_key.c
+++ b/src/lib/kdb/encrypt_key.c
@@ -73,9 +73,10 @@ krb5_dbe_def_encrypt_key_data( krb5_context             context,
     krb5_data                     plain;
     krb5_enc_data                 cipher;
 
-    for (i = 0; i < key_data->key_data_ver; i++)
-        if (key_data->key_data_contents[i])
-            free(key_data->key_data_contents[i]);
+    for (i = 0; i < key_data->key_data_ver; i++) {
+        krb5_db_free(context, key_data->key_data_contents[i]);
+        key_data->key_data_contents[i] = NULL;
+    }
 
     key_data->key_data_ver = 1;
     key_data->key_data_kvno = keyver;
@@ -88,7 +89,8 @@ krb5_dbe_def_encrypt_key_data( krb5_context             context,
                                         &len)))
         return(retval);
 
-    if ((ptr = (krb5_octet *) malloc(2 + len)) == NULL)
+    ptr = krb5_db_alloc(context, NULL, 2 + len);
+    if (ptr == NULL)
         return(ENOMEM);
 
     key_data->key_data_type[0] = dbkey->enctype;
@@ -106,7 +108,7 @@ krb5_dbe_def_encrypt_key_data( krb5_context             context,
 
     if ((retval = krb5_c_encrypt(context, mkey, /* XXX */ 0, 0,
                                  &plain, &cipher))) {
-        free(key_data->key_data_contents[0]);
+        krb5_db_free(context, key_data->key_data_contents[0]);
         return retval;
     }
 
@@ -117,9 +119,9 @@ krb5_dbe_def_encrypt_key_data( krb5_context             context,
             key_data->key_data_type[1] = keysalt->type;
             if ((key_data->key_data_length[1] = keysalt->data.length) != 0) {
                 key_data->key_data_contents[1] =
-                    (krb5_octet *)malloc(keysalt->data.length);
+                    krb5_db_alloc(context, NULL, keysalt->data.length);
                 if (key_data->key_data_contents[1] == NULL) {
-                    free(key_data->key_data_contents[0]);
+                    krb5_db_free(context, key_data->key_data_contents[0]);
                     return ENOMEM;
                 }
                 memcpy(key_data->key_data_contents[1], keysalt->data.data,