From: Greg Hudson <ghudson@mit.edu>
Date: Fri, 15 Jun 2018 15:52:22 +0000 (-0400)
Subject: Fix minor leak in localauth RULE handling
X-Git-Tag: krb5-1.17-beta1~95
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=refs%2Fpull%2F795%2Fhead;p=thirdparty%2Fkrb5.git

Fix minor leak in localauth RULE handling

In aname_replacer(), initialize current, null it when transferring
ownership to the caller, and free it on cleanup.  Otherwise it leaks
on failure.  Reported by Bean Zhang.

ticket: 8698
---

diff --git a/src/lib/krb5/os/localauth_rule.c b/src/lib/krb5/os/localauth_rule.c
index 852210825d..8be29c415d 100644
--- a/src/lib/krb5/os/localauth_rule.c
+++ b/src/lib/krb5/os/localauth_rule.c
@@ -146,7 +146,7 @@ aname_replacer(const char *string, const char **contextp, char **result)
 {
     krb5_error_code ret = 0;
     const char *cp, *ep, *tp;
-    char *current, *newstr, *rule = NULL, *repl = NULL;
+    char *newstr, *rule = NULL, *repl = NULL, *current = NULL;
     krb5_boolean doglobal;
 
     *result = NULL;
@@ -192,8 +192,10 @@ aname_replacer(const char *string, const char **contextp, char **result)
         current = newstr;
     }
     *result = current;
+    current = NULL;
 
 cleanup:
+    free(current);
     free(repl);
     free(rule);
     return ret;