Release gnamebuf also on the error path
authorOndřej Surý <ondrej@isc.org>
Fri, 6 Feb 2026 16:50:55 +0000 (17:50 +0100)
committerOndřej Surý <ondrej@isc.org>
Fri, 6 Feb 2026 17:33:44 +0000 (18:33 +0100)
In dst_gssapi_acceptctx(), the gnamebuf could theoretically leak a
little memory if dns_name_fromtext() failed.  This would require a
Kerberos principal with an invalid DNS name.

lib/dns/gssapictx.c

index bebad4767756fffecdc51329a1ef6b066c62b9e0..b500e94cdaabf5c7cc0bf1f9d61e2c3ae8e78e44 100644 (file)
@@ -503,15 +503,6 @@ dst_gssapi_acceptctx(const char *gssapi_keytab, isc_region_t *intoken,
                isc_buffer_add(&namebuf, r.length);
 
                CHECK(dns_name_fromtext(principal, &namebuf, dns_rootname, 0));
-
-               if (gnamebuf.length != 0U) {
-                       gret = gss_release_buffer(&minor, &gnamebuf);
-                       if (gret != GSS_S_COMPLETE) {
-                               gss_log(3, "failed gss_release_buffer: %s",
-                                       gss_error_tostring(gret, minor, buf,
-                                                          sizeof(buf)));
-                       }
-               }
        } else {
                result = DNS_R_CONTINUE;
        }
@@ -519,6 +510,15 @@ dst_gssapi_acceptctx(const char *gssapi_keytab, isc_region_t *intoken,
        *ctxout = context;
 
 cleanup:
+       if (gnamebuf.length != 0U) {
+               gret = gss_release_buffer(&minor, &gnamebuf);
+               if (gret != GSS_S_COMPLETE) {
+                       gss_log(3, "failed gss_release_buffer: %s",
+                               gss_error_tostring(gret, minor, buf,
+                                                  sizeof(buf)));
+               }
+       }
+
        if (gname != NULL) {
                gret = gss_release_name(&minor, &gname);
                if (gret != GSS_S_COMPLETE) {
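Review bot: The `gnamebuf.length != 0U` test under `cleanup:` now runs on every exit path, including any `goto cleanup` taken before `gnamebuf` has been filled in, so its `length` must be well-defined from the start of the function. The declaration is outside this hunk (dst_gssapi_acceptctx starts and ends beyond it). If it is not already initialized there, it should read `gss_buffer_desc gnamebuf = GSS_C_EMPTY_BUFFER;`, otherwise the check reads an indeterminate value and could hand an invalid buffer to `gss_release_buffer()`. A one-line comment above the moved block, such as `/* Released here so a failing dns_name_fromtext() does not leak it. */`, would record why the release lives in the shared cleanup path.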