auth:kerberos: Fix resource leak in smb_krb5_get_keytab_container()
authorPavel Filipenský <pfilipensky@samba.org>
Wed, 26 Jul 2023 14:28:36 +0000 (16:28 +0200)
committerStefan Metzmacher <metze@samba.org>
Mon, 31 Jul 2023 10:56:54 +0000 (10:56 +0000)
Reported by Red Hat internal covscan
leaked_storage: Variable "keytab" going out of scope leaks the storage it points to.

Signed-off-by: Pavel Filipenský <pfilipensky@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
source4/auth/kerberos/kerberos_util.c

index 432266aab91d131c30609ede3a10f21f76fde3c4..2dfd45dc3fe3a62541138f8a9a3f685d818030da 100644 (file)
@@ -468,6 +468,21 @@ krb5_error_code smb_krb5_get_keytab_container(TALLOC_CTX *mem_ctx,
        krb5_keytab keytab;
        krb5_error_code ret;
 
+       /*
+        * Start with talloc(), talloc_reference() and only then call
+        * krb5_kt_resolve(). If any of them fails, the cleanup code is simpler.
+        */
+       *ktc = talloc(mem_ctx, struct keytab_container);
+       if (!*ktc) {
+               return ENOMEM;
+       }
+
+       (*ktc)->smb_krb5_context = talloc_reference(*ktc, smb_krb5_context);
+       if ((*ktc)->smb_krb5_context == NULL) {
+               TALLOC_FREE(*ktc);
+               return ENOMEM;
+       }
+
        if (opt_keytab) {
                keytab = opt_keytab;
        } else {
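Review bot: The new block comment explains the allocation order but not who owns `opt_keytab` on the two early `ENOMEM` returns added here. Neither path touches the caller-supplied handle, so the caller still has to close it, whereas on success it ends up stored in the container. I would extend the comment with a line such as `On failure a caller-supplied opt_keytab is left untouched and remains owned by the caller.` Whether free_keytab_container later closes the handle is not visible in this hunk, so confirm that before wording the success case. The function's signature and tail lie outside the hunk.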
@@ -478,16 +493,11 @@ krb5_error_code smb_krb5_get_keytab_container(TALLOC_CTX *mem_ctx,
                                 smb_get_krb5_error_message(
                                        smb_krb5_context->krb5_context,
                                        ret, mem_ctx)));
+                       TALLOC_FREE(*ktc);
                        return ret;
                }
        }
 
-       *ktc = talloc(mem_ctx, struct keytab_container);
-       if (!*ktc) {
-               return ENOMEM;
-       }
-
-       (*ktc)->smb_krb5_context = talloc_reference(*ktc, smb_krb5_context);
        (*ktc)->keytab = keytab;
        (*ktc)->password_based = false;
        talloc_set_destructor(*ktc, free_keytab_container);
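Review bot: The error string built for the log call just above the added `TALLOC_FREE(*ktc);` is still requested on `mem_ctx`, so it presumably stays allocated after this failure path until the caller frees that context. Since `*ktc` now exists before the keytab is resolved, passing `*ktc` instead of `mem_ctx` as the last argument of `smb_get_krb5_error_message(...)` would let the added free release the message too. This assumes the helper talloc-allocates on the context it is given, which the call suggests but the hunk does not show. It is also worth a short comment that the destructor is deliberately installed only after every fallible step, so the early `TALLOC_FREE(*ktc)` never runs `free_keytab_container` on an unset `keytab` field. The start of the else branch is outside the hunk.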