From: Nalin Dahyabhai <nalin@dahyabhai.net>
Date: Tue, 9 Jul 2013 22:29:41 +0000 (-0400)
Subject: Fix a leak when parsing PKINIT cert SANs with NSS
X-Git-Tag: krb5-1.12-alpha1~102
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=4365d313c6109988268b746bcaf1c08f7b7a593c;p=thirdparty%2Fkrb5.git

Fix a leak when parsing PKINIT cert SANs with NSS

When retrieving the list of a certificate's subjectAltName values, we
weren't freeing some of the temporary memory we used.
---

diff --git a/src/plugins/preauth/pkinit/pkinit_crypto_nss.c b/src/plugins/preauth/pkinit/pkinit_crypto_nss.c
index 4b0245c9b2..47006ec7e6 100644
--- a/src/plugins/preauth/pkinit/pkinit_crypto_nss.c
+++ b/src/plugins/preauth/pkinit/pkinit_crypto_nss.c
@@ -4389,6 +4389,7 @@ cert_retrieve_cert_sans(krb5_context context,
             break;
         }
     }
+    PORT_FreeArena(pool, PR_TRUE);
 
     return 0;
 }