From 80d1c7cee0e861166925de1fe157f11a9ef1c22f Mon Sep 17 00:00:00 2001 From: Greg Hudson Date: Thu, 26 May 2016 11:18:24 -0400 Subject: [PATCH] Fix memory leak in LDAP rename krb5_ldap_rename_principal() must free bersecretkey. ticket: 8065 --- src/plugins/kdb/ldap/libkdb_ldap/ldap_principal.c | 1 + src/plugins/kdb/ldap/libkdb_ldap/ldap_principal.h | 3 +++ src/plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c | 2 +- 3 files changed, 5 insertions(+), 1 deletion(-) diff --git a/src/plugins/kdb/ldap/libkdb_ldap/ldap_principal.c b/src/plugins/kdb/ldap/libkdb_ldap/ldap_principal.c index 00c2c88467..d722dbfa60 100644 --- a/src/plugins/kdb/ldap/libkdb_ldap/ldap_principal.c +++ b/src/plugins/kdb/ldap/libkdb_ldap/ldap_principal.c @@ -554,6 +554,7 @@ cleanup: free(dn); free(suser); free(tuser); + free_berdata(bersecretkey); krb5_db_free_principal(context, entry); ldap_mods_free(mods, 1); krb5_ldap_put_handle_to_pool(ldap_context, ldap_server_handle); diff --git a/src/plugins/kdb/ldap/libkdb_ldap/ldap_principal.h b/src/plugins/kdb/ldap/libkdb_ldap/ldap_principal.h index a3f3c3cf6e..72a9f960b4 100644 --- a/src/plugins/kdb/ldap/libkdb_ldap/ldap_principal.h +++ b/src/plugins/kdb/ldap/libkdb_ldap/ldap_principal.h @@ -140,6 +140,9 @@ krb5_error_code krb5_decode_krbsecretkey(krb5_context, krb5_db_entry *, struct berval **, krb5_kvno *); +void +free_berdata(struct berval **array); + krb5_error_code berval2tl_data(struct berval *in, krb5_tl_data **out); diff --git a/src/plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c b/src/plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c index 7deafb1b8e..7ba53f959c 100644 --- a/src/plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c +++ b/src/plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c @@ -429,7 +429,7 @@ asn1_decode_sequence_of_keys(krb5_data *in, ldap_seqof_key_data *out) * Free a NULL-terminated struct berval *array[] and all its contents. * Does not set array to NULL after freeing it. */ -static void +void free_berdata(struct berval **array) { int i; -- 2.47.2