git.ipfire.org Git - thirdparty/krb5.git/commit

]> git.ipfire.org Git - thirdparty/krb5.git/commit

projects / thirdparty / krb5.git / commit

author	Julien Rische <jrische@redhat.com>
	Wed, 1 Feb 2023 14:57:26 +0000 (15:57 +0100)
committer	Greg Hudson <ghudson@mit.edu>
	Wed, 1 Mar 2023 22:06:05 +0000 (17:06 -0500)
commit	fddd419fc4112a118d8091e296cc2bfa8d8f777b
tree	3c832d7d546f8b9079d68f70663db5672a5f9db9	tree
parent	9139a60c94c24e41109574e84e7cda9c2dc3fb38	commit \| diff

Fix possible double-free during KDB creation

In krb5_dbe_def_encrypt_key_data(), when we free
key_data->key_data_contents[0], reset it to null so the caller doesn't
free it as well.

Since commit a06945b4ec267e8b80e5e8c95edd89930ff12103 this bug
manifests as a double-free during KDB creation if master key
encryption fails.

[ghudson@mit.edu: edited commit message]

ticket: 9086 (new)
tags: pullup
target_version: 1.20-next

src/lib/kdb/encrypt_key.c

diff | blob | blame | history

Mirror of https://github.com/krb5/krb5.git

RSS Atom