diff options
author | Greg Hudson <ghudson@mit.edu> | 2016-10-21 02:06:18 -0400 |
---|---|---|
committer | Tom Yu <tlyu@mit.edu> | 2016-10-24 15:38:14 -0400 |
commit | 80d909e2053dffa09ec31496439e26eaf8b02560 (patch) | |
tree | 6b240de22c0e16451203a63751ab38f485be5f6b | |
parent | a644a1f0ea587d8af25ab72966d24e9ddd55ce05 (diff) | |
download | krb5-80d909e2053dffa09ec31496439e26eaf8b02560.zip krb5-80d909e2053dffa09ec31496439e26eaf8b02560.tar.gz krb5-80d909e2053dffa09ec31496439e26eaf8b02560.tar.bz2 |
Fix rare leak in krb5_cccol_have_content()
If krb5_cc_start_seq_get() fails inside the loop, close the current
credential cache before continuing to the next one. Reported by Todd
Lipcon.
(cherry picked from commit 1735f2e74767e56ac3bd75de61d41b8363ec6ce4)
ticket: 8509
version_fixed: 1.14.5
-rw-r--r-- | src/lib/krb5/ccache/cccursor.c | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/src/lib/krb5/ccache/cccursor.c b/src/lib/krb5/ccache/cccursor.c index 281f128..c31a3f5 100644 --- a/src/lib/krb5/ccache/cccursor.c +++ b/src/lib/krb5/ccache/cccursor.c @@ -255,8 +255,10 @@ krb5_cccol_have_content(krb5_context context) ret = krb5_cc_start_seq_get(context, cache, &cache_cursor); save_first_error(context, ret, &errsave); - if (ret) + if (ret) { + krb5_cc_close(context, cache); continue; + } while (!found) { ret = krb5_cc_next_cred(context, cache, &cache_cursor, &creds); save_first_error(context, ret, &errsave); |