From: Nalin Dahyabhai <nalin@dahyabhai.net>
Date: Tue, 9 Jul 2013 21:20:27 +0000 (-0400)
Subject: Don't leak the reply key's memory during PKINIT
X-Git-Tag: krb5-1.12-alpha1~105
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=40d61fe580a57d63987c4e2b8eecd9f0ed1f1189;p=thirdparty%2Fkrb5.git

Don't leak the reply key's memory during PKINIT
---

diff --git a/src/plugins/preauth/pkinit/pkinit_clnt.c b/src/plugins/preauth/pkinit/pkinit_clnt.c
index ff564ff86b..5db24dad37 100644
--- a/src/plugins/preauth/pkinit/pkinit_clnt.c
+++ b/src/plugins/preauth/pkinit/pkinit_clnt.c
@@ -1130,8 +1130,10 @@ pkinit_client_process(krb5_context context, krb5_clpreauth_moddata moddata,
         retval = pa_pkinit_parse_rep(context, plgctx, reqctx, request,
                                      in_padata, enctype, &as_key,
                                      encoded_previous_request);
-        if (retval == 0)
+        if (retval == 0) {
             retval = cb->set_as_key(context, rock, &as_key);
+            krb5_free_keyblock_contents(context, &as_key);
+        }
     }
 
     pkiDebug("pkinit_client_process: returning %d (%s)\n",