]> git.ipfire.org Git - thirdparty/krb5.git/commitdiff
projects / thirdparty / krb5.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: d170ed6)
Fix uncommon leak in krb5_init_creds_step()
authorGreg Hudson <ghudson@mit.edu>
Sun, 26 Jul 2015 17:21:47 +0000 (13:21 -0400)
committerTom Yu <tlyu@mit.edu>
Tue, 18 Aug 2015 20:57:26 +0000 (16:57 -0400)
Release any previous value of ctx->err_padata before setting it in
init_creds_step_reply().  It could have a prior value after a realm
referral or retriable error.

(cherry picked from commit 997eb174f5fd81747ad0ecb671f00c25951931b1)

ticket: 8223
version_fixed: 1.13.3
status: resolved

src/lib/krb5/krb/get_in_tkt.c patch | blob | blame | history

diff --git a/src/lib/krb5/krb/get_in_tkt.c b/src/lib/krb5/krb/get_in_tkt.c
index 2005002912e8dc5fd841efe8d8fda6e136357987..7a50161bb6edffeeacb6d891a58bd9f82c6edef3 100644 (file)
--- a/src/lib/krb5/krb/get_in_tkt.c
+++ b/src/lib/krb5/krb/get_in_tkt.c
@@ -1426,6 +1426,8 @@ init_creds_step_reply(krb5_context context,
         ctx->request->client->type == KRB5_NT_ENTERPRISE_PRINCIPAL;
 
     if (ctx->err_reply != NULL) {
+        krb5_free_pa_data(context, ctx->err_padata);
+        ctx->err_padata = NULL;
         code = krb5int_fast_process_error(context, ctx->fast_state,
                                           &ctx->err_reply, &ctx->err_padata,
                                           &retry);
Mirror of https://github.com/krb5/krb5.git