]> git.ipfire.org Git - thirdparty/krb5.git/commitdiff
projects / thirdparty / krb5.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: c4bdb3a)
Fix minor leak in kadmind password change dispatch
authorGreg Hudson <ghudson@mit.edu>
Thu, 25 Oct 2018 16:21:45 +0000 (12:21 -0400)
committerGreg Hudson <ghudson@mit.edu>
Fri, 26 Oct 2018 14:23:59 +0000 (10:23 -0400)
In the unlikely event that kadmind cannot resolve the KDB keytab in
schpw.c:dispatch(), don't leak the error message.  Reported by Bean
Zhang.

src/kadmin/server/schpw.c patch | blob | blame | history

diff --git a/src/kadmin/server/schpw.c b/src/kadmin/server/schpw.c
index 491cba91aa1aa7b37a5eaf66a7130970f6b1e7d5..f7dea399618747259583ecebbb52cd628f9c6dd1 100644 (file)
--- a/src/kadmin/server/schpw.c
+++ b/src/kadmin/server/schpw.c
@@ -438,11 +438,14 @@ dispatch(void *handle, const krb5_fulladdr *local_addr,
     krb5_keytab kt = NULL;
     kadm5_server_handle_t server_handle = (kadm5_server_handle_t)handle;
     krb5_data *response = NULL;
+    const char *emsg;
 
     ret = krb5_kt_resolve(server_handle->context, "KDB:", &kt);
     if (ret != 0) {
+        emsg = krb5_get_error_message(server_handle->context, ret);
         krb5_klog_syslog(LOG_ERR, _("chpw: Couldn't open admin keytab %s"),
-                         krb5_get_error_message(server_handle->context, ret));
+                         emsg);
+        krb5_free_error_message(server_handle->context, emsg);
         goto egress;
     }
 
Mirror of https://github.com/krb5/krb5.git