]> git.ipfire.org Git - thirdparty/krb5.git/commitdiff
projects / thirdparty / krb5.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 5250332)
Fix krb5_rd_req() memory leak
authorNicolas Williams <nico@twosigma.com>
Tue, 1 Sep 2015 15:58:30 +0000 (11:58 -0400)
committerTom Yu <tlyu@mit.edu>
Wed, 16 Sep 2015 21:24:24 +0000 (17:24 -0400)
In release 1.13, commit eba8c4909ec7ba0d7054d5d1b1061319e9970cc7
(ticket #7232) introduced a memory leak when skipping keytab entries
which do not match the application-provided server specification.  Fix
it by freeing the keytab entry before continuing the loop on a failure
to match.

[ghudson@mit.edu: commit message]

(cherry picked from commit 3aa8506ee9e1f564e3f396eed5ac5616d7c54b34)

ticket: 8239
version_fixed: 1.13.3
status: resolved

src/lib/krb5/krb/rd_req_dec.c patch | blob | blame | history

diff --git a/src/lib/krb5/krb/rd_req_dec.c b/src/lib/krb5/krb/rd_req_dec.c
index df5ba7a35abc6a70d2208e2bd5a2dbc2e1dc19db..6defbdbf019da469415766829d87433948986345 100644 (file)
--- a/src/lib/krb5/krb/rd_req_dec.c
+++ b/src/lib/krb5/krb/rd_req_dec.c
@@ -396,6 +396,7 @@ decrypt_ticket(krb5_context context, const krb5_ap_req *req,
         if (!krb5_sname_match(context, server, ent.principal)) {
             if (krb5_principal_compare(context, ent.principal, tkt_server))
                 tkt_server_mismatch = TRUE;
+            (void)krb5_free_keytab_entry_contents(context, &ent);
             continue;
         }
         found_server_match = TRUE;
Mirror of https://github.com/krb5/krb5.git