Fix krb5_get_init_creds_password() pwchange leak
authorGreg Hudson <ghudson@mit.edu>
Tue, 28 Jun 2016 18:52:31 +0000 (14:52 -0400)
committerGreg Hudson <ghudson@mit.edu>
Wed, 10 Aug 2016 17:36:53 +0000 (13:36 -0400)
When krb5_get_init_creds_password() attempts to change the password,
make sure to free code_string along all exit paths.

ticket: 8440 (new)
target_version: 1.14-next
target_version: 1.13-next
tags: pullup

src/lib/krb5/krb/gic_pwd.c

index 55aa9d6e883ad5460fe2bbb0b9c7e7cdbdb91e20..6f3a29f2c423976a920c721daa70edadeb6fc6ff 100644 (file)
@@ -442,6 +442,7 @@ krb5_get_init_creds_password(krb5_context context,
             /* the change succeeded.  go on */
 
             if (result_code == 0) {
+                free(code_string.data);
                 free(result_string.data);
                 break;
             }
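Review bot: Both added `free(code_string.data);` calls leave `code_string.data` and `result_string.data` pointing at freed memory when control leaves the block, via `break` here and via `goto cleanup` in the second hunk at the `KRB5_KPASSWD_SOFTERROR` check. Nothing visible in these hunks reuses the pointers, but the `cleanup` label and the rest of the retry loop lie outside them, so a later free or read there would become a double free or use-after-free. Releasing with `krb5_free_data_contents(context, &code_string);`, or adding `code_string.data = NULL;` after each free, would keep these exit paths safe if the cleanup code later frees the same buffers. The same free pair is now repeated on each exit path, so a short comment naming which branches own `code_string` and `result_string` would help the next reader.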
@@ -451,6 +452,7 @@ krb5_get_init_creds_password(krb5_context context,
             ret = KRB5_CHPW_FAIL;
 
             if (result_code != KRB5_KPASSWD_SOFTERROR) {
+                free(code_string.data);
                 free(result_string.data);
                 goto cleanup;
             }