]> git.ipfire.org Git - thirdparty/krb5.git/commitdiff
projects / thirdparty / krb5.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 986582e)
Fix krb5 gss_acquire_cred() leak on some errors
authorbenpope81 <benpope81@gmail.com>
Tue, 11 Nov 2025 12:13:56 +0000 (12:13 +0000)
committerGreg Hudson <ghudson@mit.edu>
Fri, 21 Nov 2025 22:33:53 +0000 (17:33 -0500)
When a krb5 acceptor cred is acquired with a specified name, a late
enough failure can leak the acceptor_mprinc field.  Fix this leak by
freeing the field in the acquire_cred_context() error_out cleanup
code.

[ghudson@mit.edu: rewrote commit message]

ticket: 9189 (new)
tags: pullup
target_version: 1.22-next

src/lib/gssapi/krb5/acquire_cred.c patch | blob | blame | history

diff --git a/src/lib/gssapi/krb5/acquire_cred.c b/src/lib/gssapi/krb5/acquire_cred.c
index aa1a486dcaa061f4cd4add02f207f5f48f30d748..12e6b7ea805ba47d3092f1d4e332b8f414b06af6 100644 (file)
--- a/src/lib/gssapi/krb5/acquire_cred.c
+++ b/src/lib/gssapi/krb5/acquire_cred.c
@@ -912,6 +912,7 @@ error_out:
         if (cred->name)
             kg_release_name(context, &cred->name);
         krb5_free_principal(context, cred->impersonator);
+        krb5_free_principal(context, cred->acceptor_mprinc);
         zapfreestr(cred->password);
         k5_mutex_destroy(&cred->lock);
         xfree(cred);
Mirror of https://github.com/krb5/krb5.git