From: Greg Hudson <ghudson@mit.edu>
Date: Thu, 28 Mar 2013 06:08:45 +0000 (-0400)
Subject: Fix an error case in krb5_sendauth
X-Git-Tag: krb5-1.12-alpha1~249
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=c4549f8f91fe53830f1e7d68d6d1f7b1a117a911;p=thirdparty%2Fkrb5.git

Fix an error case in krb5_sendauth

If we fail to get the client principal when constructing the
stack-allocated creds structure, don't double-free creds.server.
---

diff --git a/src/lib/krb5/krb/sendauth.c b/src/lib/krb5/krb/sendauth.c
index b1dde3c755..f7e6777411 100644
--- a/src/lib/krb5/krb/sendauth.c
+++ b/src/lib/krb5/krb/sendauth.c
@@ -108,10 +108,8 @@ krb5_sendauth(krb5_context context, krb5_auth_context *auth_context,
         else
             retval = krb5_cc_get_principal(context, use_ccache,
                                            &creds.client);
-        if (retval) {
-            krb5_free_principal(context, creds.server);
+        if (retval)
             goto error_return;
-        }
         /* creds.times.endtime = 0; -- memset 0 takes care of this
            zero means "as long as possible" */
         /* creds.keyblock.enctype = 0; -- as well as this.