From: Luke Howard Date: Sat, 29 Aug 2009 14:53:54 +0000 (+0000) Subject: plug some memory leaks X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=97861a64fcd284bc2e35aeb4c16771bf16f4814c;p=thirdparty%2Fkrb5.git plug some memory leaks git-svn-id: svn://anonsvn.mit.edu/krb5/users/lhoward/authdata@22656 dc483132-0cff-0310-8789-dd5450dbe970 --- diff --git a/src/include/krb5/authdata_plugin.h b/src/include/krb5/authdata_plugin.h index 16b03c0dbd..fd2acf9fc6 100644 --- a/src/include/krb5/authdata_plugin.h +++ b/src/include/krb5/authdata_plugin.h @@ -243,7 +243,8 @@ typedef krb5_error_code (*authdata_client_copy_context_proc)(krb5_context context, void *plugin_context, void *request_context, - void **dst_request_context); + void *dst_plugin_context, + void *dst_request_context); typedef void (*authdata_client_free_internal_proc)(krb5_context context, diff --git a/src/lib/gssapi/krb5/acquire_cred.c b/src/lib/gssapi/krb5/acquire_cred.c index 1c7e4908b8..681f18a67d 100644 --- a/src/lib/gssapi/krb5/acquire_cred.c +++ b/src/lib/gssapi/krb5/acquire_cred.c @@ -495,7 +495,7 @@ krb5_gss_acquire_cred(minor_status, desired_name, time_req, /* validate the name */ /*SUPPRESS 29*/ - if ((desired_name != (gss_name_t) NULL) && + if ((desired_name != GSS_C_NO_NAME) && (! kg_validate_name(desired_name))) { *minor_status = (OM_uint32) G_VALIDATE_FAILED; krb5_free_context(context); diff --git a/src/lib/gssapi/spnego/spnego_mech.c b/src/lib/gssapi/spnego/spnego_mech.c index a91f471db3..178223e430 100644 --- a/src/lib/gssapi/spnego/spnego_mech.c +++ b/src/lib/gssapi/spnego/spnego_mech.c @@ -1943,6 +1943,9 @@ spnego_gss_delete_sec_context( */ if (*ctx != NULL && (*ctx)->magic_num == SPNEGO_MAGIC_ID) { + (void) gss_delete_sec_context(minor_status, + &(*ctx)->ctx_handle, + output_token); (void) release_spnego_ctx(ctx); } else { ret = gss_delete_sec_context(minor_status, diff --git a/src/lib/krb5/krb/authdata.c b/src/lib/krb5/krb/authdata.c index 07c1cb65a6..ffb9806460 100644 --- a/src/lib/krb5/krb/authdata.c +++ b/src/lib/krb5/krb/authdata.c @@ -743,7 +743,8 @@ k5_copy_ad_module_data(krb5_context kcontext, code = (*src_module->ftable->copy_context)(kcontext, src_module->plugin_context, src_module->request_context, - dst_module->request_context_pp); + dst_module->plugin_context, + dst_module->request_context); return code; } @@ -772,10 +773,11 @@ krb5_authdata_context_copy(krb5_context kcontext, if (code != 0) { krb5_authdata_context_free(kcontext, dst); - } else { - *pdst = dst; + return code; } - return code; + *pdst = dst; + + return 0; } diff --git a/src/lib/krb5/krb/pac.c b/src/lib/krb5/krb/pac.c index 7ab3313e4f..7bb37b71a6 100644 --- a/src/lib/krb5/krb/pac.c +++ b/src/lib/krb5/krb/pac.c @@ -1358,27 +1358,20 @@ static krb5_error_code mspac_copy_context(krb5_context context, void *plugin_context, void *request_context, - void **dst_request_context) + void *dst_plugin_context, + void *dst_request_context) { struct mspac_context *srcctx = (struct mspac_context *)request_context; - struct mspac_context *dstctx; - krb5_error_code code; + struct mspac_context *dstctx = (struct mspac_context *)dst_request_context; + krb5_error_code code = 0; - code = mspac_request_init(context, plugin_context, (void **)&dstctx); - if (code != 0) - return code; + assert(dstctx != NULL); + assert(dstctx->pac == NULL); - if (srcctx->pac != NULL) { + if (srcctx->pac != NULL) code = k5_pac_copy(context, srcctx->pac, &dstctx->pac); - if (code != 0) { - free(dstctx); - return code; - } - } - - *dst_request_context = dstctx; - return 0; + return code; } static void diff --git a/src/plugins/authdata/greet_client/greet.c b/src/plugins/authdata/greet_client/greet.c index e636c34410..373db0cec5 100644 --- a/src/plugins/authdata/greet_client/greet.c +++ b/src/plugins/authdata/greet_client/greet.c @@ -119,8 +119,9 @@ static krb5_error_code greet_get_attribute_types(krb5_context context, void *plugin_context, void *request_context, + krb5_data **verified, krb5_data **asserted, - krb5_data **verified) + krb5_data **all_attrs) { krb5_error_code code; struct greet_context *greet = (struct greet_context *)request_context; @@ -128,6 +129,9 @@ greet_get_attribute_types(krb5_context context, if (greet->greeting.length == 0) return ENOENT; + if (asserted == NULL) + return 0; + *asserted = calloc(2, sizeof(krb5_data)); if (*asserted == NULL) return ENOMEM; @@ -139,8 +143,6 @@ greet_get_attribute_types(krb5_context context, return code; } - *verified = NULL; - return 0; } @@ -230,25 +232,13 @@ static krb5_error_code greet_copy_context(krb5_context context, void *plugin_context, void *request_context, - void **dst_request_context) + void *dst_plugin_context, + void *dst_request_context) { struct greet_context *src = (struct greet_context *)request_context; - struct greet_context *dst = (struct greet_context *)request_context; - krb5_error_code code; - - code = greet_request_init(context, plugin_context, (void **)&dst); - if (code != 0) - return code; + struct greet_context *dst = (struct greet_context *)dst_request_context; - code = krb5int_copy_data_contents_add0(context, &src->greeting, &dst->greeting); - if (code != 0) { - greet_request_fini(context, plugin_context,(void **)&dst); - return code; - } - - *dst_request_context = dst; - - return 0; + return krb5int_copy_data_contents_add0(context, &src->greeting, &dst->greeting); } static krb5_authdatatype greet_ad_types[] = { -42, 0 }; diff --git a/src/tests/gssapi/t_namingexts.c b/src/tests/gssapi/t_namingexts.c index aa75fbec37..084c2522d3 100644 --- a/src/tests/gssapi/t_namingexts.c +++ b/src/tests/gssapi/t_namingexts.c @@ -72,7 +72,7 @@ static OM_uint32 displayCanonName(OM_uint32 *minor, gss_name_t name, char *tag) { gss_name_t canon; - OM_uint32 major; + OM_uint32 major, tmp; gss_buffer_desc buf; major = gss_canonicalize_name(minor, name, (gss_OID)gss_mech_krb5, &canon); @@ -83,13 +83,15 @@ displayCanonName(OM_uint32 *minor, gss_name_t name, char *tag) major = gss_display_name(minor, canon, &buf, NULL); if (GSS_ERROR(major)) { + gss_release_name(&tmp, &canon); displayStatus("gss_display_name", major, minor); return major; } printf("%s:\t%s\n", tag, (char *)buf.value); - gss_release_buffer(minor, &buf); + gss_release_name(&tmp, &canon); + gss_release_buffer(&tmp, &buf); return GSS_S_COMPLETE; } @@ -271,8 +273,7 @@ testGreetAuthzData(OM_uint32 *minor, static OM_uint32 initAcceptSecContext(OM_uint32 *minor, - gss_cred_id_t verifier_cred_handle, - gss_cred_id_t *deleg_cred_handle) + gss_cred_id_t verifier_cred_handle) { OM_uint32 major; gss_buffer_desc token, tmp; @@ -288,8 +289,6 @@ initAcceptSecContext(OM_uint32 *minor, tmp.value = NULL; tmp.length = 0; - *deleg_cred_handle = GSS_C_NO_CREDENTIAL; - major = gss_inquire_cred(minor, verifier_cred_handle, &target_name, NULL, NULL, NULL); if (GSS_ERROR(major)) { @@ -337,7 +336,7 @@ initAcceptSecContext(OM_uint32 *minor, &tmp, NULL, &time_rec, - deleg_cred_handle); + NULL); if (GSS_ERROR(major)) displayStatus("gss_accept_sec_context", major, minor); @@ -347,6 +346,7 @@ initAcceptSecContext(OM_uint32 *minor, testExportImportName(minor, source_name); } + (void) gss_release_name(minor, &source_name); (void) gss_delete_sec_context(minor, &acceptor_context, NULL); (void) gss_release_buffer(minor, &token); (void) gss_release_buffer(minor, &tmp); @@ -358,7 +358,6 @@ int main(int argc, char *argv[]) { OM_uint32 minor, major, tmp; gss_cred_id_t cred_handle = GSS_C_NO_CREDENTIAL; - gss_cred_id_t delegated_cred_handle = GSS_C_NO_CREDENTIAL; gss_OID_set_desc mechs; gss_OID_set actual_mechs = GSS_C_NO_OID_SET; gss_name_t name = GSS_C_NO_NAME; @@ -427,16 +426,13 @@ int main(int argc, char *argv[]) (void) gss_release_oid_set(&minor, &actual_mechs); - major = initAcceptSecContext(&minor, - cred_handle, - &delegated_cred_handle); + major = initAcceptSecContext(&minor, cred_handle); if (GSS_ERROR(major)) goto out; printf("\n"); out: - (void) gss_release_cred(&tmp, &delegated_cred_handle); (void) gss_release_cred(&tmp, &cred_handle); (void) gss_release_oid_set(&tmp, &actual_mechs); (void) gss_release_name(&tmp, &name);