s4:auth: Fix resource leak (CID 1107222)

author Joseph Sutton <josephsutton@catalyst.net.nz>

Thu, 5 Oct 2023 22:03:52 +0000 (11:03 +1300)

committer Andrew Bartlett <abartlet@samba.org>

Fri, 13 Oct 2023 02:18:31 +0000 (02:18 +0000)
author Joseph Sutton <josephsutton@catalyst.net.nz>
Thu, 5 Oct 2023 22:03:52 +0000 (11:03 +1300)
committer Andrew Bartlett <abartlet@samba.org>
Fri, 13 Oct 2023 02:18:31 +0000 (02:18 +0000)
diff --git a/source4/auth/kerberos/kerberos_util.c b/source4/auth/kerberos/kerberos_util.c

index 2dfd45dc3fe3a62541138f8a9a3f685d818030da..dce71552e9acedc57f85760faca3305ce9924fb1 100644 (file)
--- a/source4/auth/kerberos/kerberos_util.c
+++ b/source4/auth/kerberos/kerberos_util.c
@@ -333,6 +333,7 @@ done:
                 ret = smb_krb5_context_set_event_ctx(smb_krb5_context, event_ctx, &previous_ev);
                 if (ret) {
                         talloc_free(mem_ctx);
+                       krb5_get_init_creds_opt_free(smb_krb5_context->krb5_context, krb_options);
                         return ret;
                 }
  #endif
@@ -361,6 +362,7 @@ done:
                 } else if (impersonate_principal) {
                         talloc_free(mem_ctx);
                         (*error_string) = "INTERNAL error: Cannot impersonate principal with just a keyblock.  A password must be specified in the credentials";
+                       krb5_get_init_creds_opt_free(smb_krb5_context->krb5_context, krb_options);
                         return EINVAL;
                 } else {
                         /* No password available, try to use a keyblock instead */
author	Joseph Sutton <josephsutton@catalyst.net.nz>
	Thu, 5 Oct 2023 22:03:52 +0000 (11:03 +1300)
committer	Andrew Bartlett <abartlet@samba.org>
	Fri, 13 Oct 2023 02:18:31 +0000 (02:18 +0000)