From e316b24a2ac3d0b13fe50b37773f51441c63396e Mon Sep 17 00:00:00 2001 From: Ben Kaduk Date: Fri, 5 Dec 2014 21:18:38 -0500 Subject: [PATCH] Add helper for freeing arrays of berval pointers This eliminates a potential leak of the bv_val members from krb5_encode_krbsecretkey(). --- .../kdb/ldap/libkdb_ldap/ldap_principal2.c | 32 ++++++++++++------- 1 file changed, 21 insertions(+), 11 deletions(-) diff --git a/src/plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c b/src/plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c index 10b5982f16..b970f8dae0 100644 --- a/src/plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c +++ b/src/plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c @@ -396,6 +396,24 @@ asn1_decode_sequence_of_keys(krb5_data *in, krb5_key_data **out, return 0; } +/* + * Free a NULL-terminated struct berval *array[] and all its contents. + * Does not set array to NULL after freeing it. + */ +static void +free_berdata(struct berval **array) +{ + int i; + + if (array != NULL) { + for (i = 0; array[i] != NULL; i++) { + if (array[i]->bv_val != NULL) + free(array[i]->bv_val); + free(array[i]); + } + free(array); + } +} /* Decoding ASN.1 encoded key */ static struct berval ** @@ -466,12 +484,8 @@ cleanup: free(key_data); if (err != 0) { - if (ret != NULL) { - for (i = 0; ret[i] != NULL; i++) - free (ret[i]); - free (ret); - ret = NULL; - } + free_berdata(ret); + ret = NULL; } return ret; @@ -1131,11 +1145,7 @@ krb5_ldap_put_principal(krb5_context context, krb5_db_entry *entry, LDAP_MOD_REPLACE | LDAP_MOD_BVALUES, ber_tl_data); } - for (j = 0; ber_tl_data[j] != NULL; j++) { - free(ber_tl_data[j]->bv_val); - free(ber_tl_data[j]); - } - free(ber_tl_data); + free_berdata(ber_tl_data); if (st != 0) goto cleanup; } -- 2.47.3