Fix unlikely leak in KDC AS-REQ error path

In prepare_error_as(), if krb5_us_timeofday() fails and error pa-data was supplied, the FAST cookie and a shallow copy of the error padata can be leaked. Reported by Will Fiveash. (cherry picked from commit 8d852c577039d59e1bea383e4ddfe575c20f240d) ticket: 8498 version_fixed: 1.14.5
author: Greg Hudson <ghudson@mit.edu> 2016-09-22 02:21:39 -0400
committer: Tom Yu <tlyu@mit.edu> 2016-10-24 15:38:13 -0400
commit: b5cd94af456bd62a0f71c5bf88dd6a74b5671653 (patch)
tree: f7b00ac5e0f336aaab2cfe326c2ed90b0c554b47
parent: 0d05aa2ddf61eb03ddb647477d39a2bd1ccc9254 (diff)
download: krb5-b5cd94af456bd62a0f71c5bf88dd6a74b5671653.zip
krb5-b5cd94af456bd62a0f71c5bf88dd6a74b5671653.tar.gz
krb5-b5cd94af456bd62a0f71c5bf88dd6a74b5671653.tar.bz2
1 files changed, 1 insertions, 1 deletions
diff --git a/src/kdc/do_as_req.c b/src/kdc/do_as_req.c
index 5440949..712ccb7 100644
--- a/src/kdc/do_as_req.c
+++ b/src/kdc/do_as_req.c
@@ -859,7 +859,7 @@ prepare_error_as(struct kdc_request_state *rstate, krb5_kdc_req *request,
 
     retval = krb5_us_timeofday(kdc_context, &errpkt.stime, &errpkt.susec);
     if (retval)
-        return retval;
+        goto cleanup;
     errpkt.error = error;
     errpkt.server = request->server;
     errpkt.client = (error == KDC_ERR_WRONG_REALM) ? canon_client :
author	Greg Hudson <ghudson@mit.edu>	2016-09-22 02:21:39 -0400
committer	Tom Yu <tlyu@mit.edu>	2016-10-24 15:38:13 -0400
commit	b5cd94af456bd62a0f71c5bf88dd6a74b5671653 (patch)
tree	f7b00ac5e0f336aaab2cfe326c2ed90b0c554b47
parent	0d05aa2ddf61eb03ddb647477d39a2bd1ccc9254 (diff)
download	krb5-b5cd94af456bd62a0f71c5bf88dd6a74b5671653.zip krb5-b5cd94af456bd62a0f71c5bf88dd6a74b5671653.tar.gz krb5-b5cd94af456bd62a0f71c5bf88dd6a74b5671653.tar.bz2