If a KDB module zeroes out the master key in its fetch_master_key()
method (as the test KDB module does), krb5_db_fetch_mkey() will copy
it, allocating one byte of memory for the contents. The KDC will then
leak it on exit, as the length is zero. Simplify master key
destruction using zapfree().
[ghudson@mit.edu: wrote commit message]
if (rdp->realm_context) {
if (rdp->realm_mprinc)
krb5_free_principal(rdp->realm_context, rdp->realm_mprinc);
- if (rdp->realm_mkey.length && rdp->realm_mkey.contents) {
- /* XXX shouldn't memset be zap for safety? */
- memset(rdp->realm_mkey.contents, 0, rdp->realm_mkey.length);
- free(rdp->realm_mkey.contents);
- }
+ zapfree(rdp->realm_mkey.contents, rdp->realm_mkey.length);
krb5_db_fini(rdp->realm_context);
if (rdp->realm_tgsprinc)
krb5_free_principal(rdp->realm_context, rdp->realm_tgsprinc);
projects / thirdparty / krb5.git / commitdiff
