From: Greg Hudson Date: Tue, 28 Jun 2016 18:52:31 +0000 (-0400) Subject: Fix krb5_get_init_creds_password() pwchange leak X-Git-Tag: krb5-1.13.7-final~27 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=92ed15de11eb9995bbbc7c8c0502ac9da2a1668e;p=thirdparty%2Fkrb5.git Fix krb5_get_init_creds_password() pwchange leak When krb5_get_init_creds_password() attempts to change the password, make sure to free code_string along all exit paths. (cherry picked from commit 3e5f7709e1928f1e814c427f2811d9204a167439) ticket: 8440 version_fixed: 1.13.7
---
diff --git a/src/lib/krb5/krb/gic_pwd.c b/src/lib/krb5/krb/gic_pwd.c
index e95673fe47..298f07515f 100644
--- a/src/lib/krb5/krb/gic_pwd.c
+++ b/src/lib/krb5/krb/gic_pwd.c
@@ -443,6 +443,7 @@ krb5_get_init_creds_password(krb5_context context,
 /* the change succeeded. go on */
 if (result_code == 0) {
+ free(code_string.data);
 free(result_string.data);
 break;
 }
@@ -452,6 +453,7 @@ krb5_get_init_creds_password(krb5_context context,
 ret = KRB5_CHPW_FAIL;
 if (result_code != KRB5_KPASSWD_SOFTERROR) {
+ free(code_string.data);
 free(result_string.data);
 goto cleanup;
 }
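Review bot: After the added `free(code_string.data);` both `code_string.data` and `result_string.data` are left pointing at freed memory, and the second hunk then leaves via `goto cleanup` into code that is outside the hunk. If anything at or after that label could read or free either buffer again, this becomes a use-after-free or double free, so please confirm it does not. Alternatively, clear the pointers at the point of release, e.g. `code_string.data = NULL;` and `result_string.data = NULL;` after the frees in both hunks. The same pair of frees now appears on each early exit (the `result_code == 0` break and the non-soft-error exit), so a short comment such as `/* code_string and result_string must both be released on every exit from this iteration */` would help keep future exit paths from repeating the leak. The function body starts and ends outside both hunks, so where the buffers are allocated and what the cleanup label does cannot be checked from here.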