plug some memory leaks

git-svn-id: svn://anonsvn.mit.edu/krb5/users/lhoward/authdata@22656 dc483132-0cff-0310-8789-dd5450dbe970

diff --git a/src/include/krb5/authdata_plugin.h b/src/include/krb5/authdata_plugin.h
index 16b03c0dbd53973db6af5bb56d2849af62cf9d00..fd2acf9fc6340cbeefa69a685c2d9fe4898f6c1a 100644 (file)
--- a/src/include/krb5/authdata_plugin.h
+++ b/src/include/krb5/authdata_plugin.h
@@ -243,7 +243,8 @@ typedef krb5_error_code
 (*authdata_client_copy_context_proc)(krb5_context context,
                                     void *plugin_context,
                                     void *request_context,
-                                    void **dst_request_context);
+                                    void *dst_plugin_context,
+                                    void *dst_request_context);
 
 typedef void
 (*authdata_client_free_internal_proc)(krb5_context context,

diff --git a/src/lib/gssapi/krb5/acquire_cred.c b/src/lib/gssapi/krb5/acquire_cred.c
index 1c7e4908b812259d68dc77e5ceee421c45b95caa..681f18a67d6c4076cc62d840baecddde1c63c417 100644 (file)
--- a/src/lib/gssapi/krb5/acquire_cred.c
+++ b/src/lib/gssapi/krb5/acquire_cred.c
@@ -495,7 +495,7 @@ krb5_gss_acquire_cred(minor_status, desired_name, time_req,
     /* validate the name */
 
     /*SUPPRESS 29*/
-    if ((desired_name != (gss_name_t) NULL) &&
+    if ((desired_name != GSS_C_NO_NAME) &&
         (! kg_validate_name(desired_name))) {
         *minor_status = (OM_uint32) G_VALIDATE_FAILED;
         krb5_free_context(context);

diff --git a/src/lib/gssapi/spnego/spnego_mech.c b/src/lib/gssapi/spnego/spnego_mech.c
index a91f471db33504b52fa6002500dcf2c7d5879958..178223e43006d1c85a44b306d8ea69f9c5c6ac3a 100644 (file)
--- a/src/lib/gssapi/spnego/spnego_mech.c
+++ b/src/lib/gssapi/spnego/spnego_mech.c
@@ -1943,6 +1943,9 @@ spnego_gss_delete_sec_context(
         */
        if (*ctx != NULL &&
            (*ctx)->magic_num == SPNEGO_MAGIC_ID) {
+               (void) gss_delete_sec_context(minor_status,
+                                   &(*ctx)->ctx_handle,
+                                   output_token);
                (void) release_spnego_ctx(ctx);
        } else {
                ret = gss_delete_sec_context(minor_status,

diff --git a/src/lib/krb5/krb/authdata.c b/src/lib/krb5/krb/authdata.c
index 07c1cb65a66ab232de55e616042e343bf00e4448..ffb98064609bbd2a7c26dcaf0932a2282d153921 100644 (file)
--- a/src/lib/krb5/krb/authdata.c
+++ b/src/lib/krb5/krb/authdata.c
@@ -743,7 +743,8 @@ k5_copy_ad_module_data(krb5_context kcontext,
     code = (*src_module->ftable->copy_context)(kcontext,
                                                src_module->plugin_context,
                                                src_module->request_context,
-                                               dst_module->request_context_pp);
+                                               dst_module->plugin_context,
+                                               dst_module->request_context);
 
     return code;
 }
@@ -772,10 +773,11 @@ krb5_authdata_context_copy(krb5_context kcontext,
 
     if (code != 0) {
         krb5_authdata_context_free(kcontext, dst);
-    } else {
-        *pdst = dst;
+        return code;
     }
 
-    return code;
+    *pdst = dst;
+
+    return 0;
 }
 

diff --git a/src/lib/krb5/krb/pac.c b/src/lib/krb5/krb/pac.c
index 7ab3313e4f49d46aabbe52793649d2de2246a29d..7bb37b71a6df926d3e3054e19e9b166a3007c2f1 100644 (file)
--- a/src/lib/krb5/krb/pac.c
+++ b/src/lib/krb5/krb/pac.c
@@ -1358,27 +1358,20 @@ static krb5_error_code
 mspac_copy_context(krb5_context context,
                   void *plugin_context,
                   void *request_context,
-                  void **dst_request_context)
+                  void *dst_plugin_context,
+                  void *dst_request_context)
 {
     struct mspac_context *srcctx = (struct mspac_context *)request_context;
-    struct mspac_context *dstctx;
-    krb5_error_code code;
+    struct mspac_context *dstctx = (struct mspac_context *)dst_request_context;
+    krb5_error_code code = 0;
 
-    code = mspac_request_init(context, plugin_context, (void **)&dstctx);
-    if (code != 0)
-       return code;
+    assert(dstctx != NULL);
+    assert(dstctx->pac == NULL);
 
-    if (srcctx->pac != NULL) {
+    if (srcctx->pac != NULL)
        code = k5_pac_copy(context, srcctx->pac, &dstctx->pac);
-        if (code != 0) {
-           free(dstctx);
-           return code;
-       }
-    }
-
-    *dst_request_context = dstctx;
 
-    return 0;
+    return code;
 }
 
 static void

diff --git a/src/plugins/authdata/greet_client/greet.c b/src/plugins/authdata/greet_client/greet.c
index e636c344102501a57dfe36d8ae430a62af26abb8..373db0cec5f7c36c4a2825832dcbcdcbecd2f5c5 100644 (file)
--- a/src/plugins/authdata/greet_client/greet.c
+++ b/src/plugins/authdata/greet_client/greet.c
@@ -119,8 +119,9 @@ static krb5_error_code
 greet_get_attribute_types(krb5_context context,
                           void *plugin_context,
                           void *request_context,
+                          krb5_data **verified,
                           krb5_data **asserted,
-                          krb5_data **verified)
+                          krb5_data **all_attrs)
 {
     krb5_error_code code;
     struct greet_context *greet = (struct greet_context *)request_context;
@@ -128,6 +129,9 @@ greet_get_attribute_types(krb5_context context,
     if (greet->greeting.length == 0)
         return ENOENT;
 
+    if (asserted == NULL)
+        return 0;
+
     *asserted = calloc(2, sizeof(krb5_data));
     if (*asserted == NULL)
         return ENOMEM;
@@ -139,8 +143,6 @@ greet_get_attribute_types(krb5_context context,
         return code;
     }
 
-    *verified = NULL;
-
     return 0;
 }
 
@@ -230,25 +232,13 @@ static krb5_error_code
 greet_copy_context(krb5_context context,
                    void *plugin_context,
                    void *request_context,
-                   void **dst_request_context)
+                   void *dst_plugin_context,
+                   void *dst_request_context)
 {
     struct greet_context *src = (struct greet_context *)request_context;
-    struct greet_context *dst = (struct greet_context *)request_context;
-    krb5_error_code code;
-
-    code = greet_request_init(context, plugin_context, (void **)&dst);
-    if (code != 0)
-        return code;
+    struct greet_context *dst = (struct greet_context *)dst_request_context;
 
-    code = krb5int_copy_data_contents_add0(context, &src->greeting, &dst->greeting);
-    if (code != 0) {
-        greet_request_fini(context, plugin_context,(void **)&dst);
-        return code;
-    }
-
-    *dst_request_context = dst;
-
-    return 0;
+    return krb5int_copy_data_contents_add0(context, &src->greeting, &dst->greeting);
 }
 
 static krb5_authdatatype greet_ad_types[] = { -42, 0 };

diff --git a/src/tests/gssapi/t_namingexts.c b/src/tests/gssapi/t_namingexts.c
index aa75fbec37e33b7704cc0912df5e9abd2850810b..084c2522d39b62b0b88672fa6bd83f82eaa2d7f6 100644 (file)
--- a/src/tests/gssapi/t_namingexts.c
+++ b/src/tests/gssapi/t_namingexts.c
@@ -72,7 +72,7 @@ static OM_uint32
 displayCanonName(OM_uint32 *minor, gss_name_t name, char *tag)
 {
     gss_name_t canon;
-    OM_uint32 major;
+    OM_uint32 major, tmp;
     gss_buffer_desc buf;
 
     major = gss_canonicalize_name(minor, name, (gss_OID)gss_mech_krb5, &canon);
@@ -83,13 +83,15 @@ displayCanonName(OM_uint32 *minor, gss_name_t name, char *tag)
 
     major = gss_display_name(minor, canon, &buf, NULL);
     if (GSS_ERROR(major)) {
+        gss_release_name(&tmp, &canon);
         displayStatus("gss_display_name", major, minor);
         return major;
     }
 
     printf("%s:\t%s\n", tag, (char *)buf.value);
 
-    gss_release_buffer(minor, &buf);
+    gss_release_name(&tmp, &canon);
+    gss_release_buffer(&tmp, &buf);
 
     return GSS_S_COMPLETE;
 }
@@ -271,8 +273,7 @@ testGreetAuthzData(OM_uint32 *minor,
 
 static OM_uint32
 initAcceptSecContext(OM_uint32 *minor,
-                     gss_cred_id_t verifier_cred_handle,
-                     gss_cred_id_t *deleg_cred_handle)
+                     gss_cred_id_t verifier_cred_handle)
 {
     OM_uint32 major;
     gss_buffer_desc token, tmp;
@@ -288,8 +289,6 @@ initAcceptSecContext(OM_uint32 *minor,
     tmp.value = NULL;
     tmp.length = 0;
 
-    *deleg_cred_handle = GSS_C_NO_CREDENTIAL;
-
     major = gss_inquire_cred(minor, verifier_cred_handle,
                              &target_name, NULL, NULL, NULL);
     if (GSS_ERROR(major)) {
@@ -337,7 +336,7 @@ initAcceptSecContext(OM_uint32 *minor,
                                    &tmp,
                                    NULL,
                                    &time_rec,
-                                   deleg_cred_handle);
+                                   NULL);
 
     if (GSS_ERROR(major))
         displayStatus("gss_accept_sec_context", major, minor);
@@ -347,6 +346,7 @@ initAcceptSecContext(OM_uint32 *minor,
         testExportImportName(minor, source_name);
     }
 
+    (void) gss_release_name(minor, &source_name);
     (void) gss_delete_sec_context(minor, &acceptor_context, NULL);
     (void) gss_release_buffer(minor, &token);
     (void) gss_release_buffer(minor, &tmp);
@@ -358,7 +358,6 @@ int main(int argc, char *argv[])
 {
     OM_uint32 minor, major, tmp;
     gss_cred_id_t cred_handle = GSS_C_NO_CREDENTIAL;
-    gss_cred_id_t delegated_cred_handle = GSS_C_NO_CREDENTIAL;
     gss_OID_set_desc mechs;
     gss_OID_set actual_mechs = GSS_C_NO_OID_SET;
     gss_name_t name = GSS_C_NO_NAME;
@@ -427,16 +426,13 @@ int main(int argc, char *argv[])
 
     (void) gss_release_oid_set(&minor, &actual_mechs);
 
-    major = initAcceptSecContext(&minor,
-                                 cred_handle,
-                                 &delegated_cred_handle);
+    major = initAcceptSecContext(&minor, cred_handle);
     if (GSS_ERROR(major))
         goto out;
 
     printf("\n");
 
 out:
-    (void) gss_release_cred(&tmp, &delegated_cred_handle);
     (void) gss_release_cred(&tmp, &cred_handle);
     (void) gss_release_oid_set(&tmp, &actual_mechs);
     (void) gss_release_name(&tmp, &name);