From 9984c2343c96f3aaaf8a8d6dfc1b6de1eae533c2 Mon Sep 17 00:00:00 2001 From: Seemant Choudhary Date: Wed, 24 Aug 2016 12:20:01 -0400 Subject: [PATCH] Fix leak in krb5_server_decrypt_ticket_keytab() When we skip a keytab entry because it is of the wrong enctype, free it before continuing. ticket: 8482 target_version: 1.14-next target_version: 1.13-next tags: pullup --- src/lib/krb5/krb/srv_dec_tkt.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/src/lib/krb5/krb/srv_dec_tkt.c b/src/lib/krb5/krb/srv_dec_tkt.c index 708a25fb25..6c922523ee 100644 --- a/src/lib/krb5/krb/srv_dec_tkt.c +++ b/src/lib/krb5/krb/srv_dec_tkt.c @@ -99,8 +99,10 @@ krb5_server_decrypt_ticket_keytab(krb5_context context, retval = KRB5_KT_NOTFOUND; while ((code = krb5_kt_next_entry(context, keytab, &ktent, &cursor)) == 0) { - if (ktent.key.enctype != ticket->enc_part.enctype) + if (ktent.key.enctype != ticket->enc_part.enctype) { + (void) krb5_free_keytab_entry_contents(context, &ktent); continue; + } retval = decrypt_ticket_keyblock(context, &ktent.key, ticket); if (retval == 0) { -- 2.47.2