Fix memory leak in KDC PKINIT code

Commit e5c77a11341a79e6af1e5aef7c587a5b75a9e378 introduced a memory leak of the client public key in server_process_dh(). Free client_pubkey on success as well as failure. (cherry picked from commit cefc250efd71515dd665b606bcb993e617068758) ticket: 8644 version_fixed: 1.15.3
author: sashan <anedvedicky@gmail.com> 2018-02-20 23:03:36 +0100
committer: Greg Hudson <ghudson@mit.edu> 2018-05-01 16:53:14 -0400
commit: 57c70d882371fee7a1fca172d4a64f8f898b5c92 (patch)
tree: 25e1a804343f38173af365195d89e8a49fa70d72
parent: a2df94b6bb22ecf6e77c5044cff0f627b4fb30cf (diff)
download: krb5-57c70d882371fee7a1fca172d4a64f8f898b5c92.zip
krb5-57c70d882371fee7a1fca172d4a64f8f898b5c92.tar.gz
krb5-57c70d882371fee7a1fca172d4a64f8f898b5c92.tar.bz2
1 files changed, 1 insertions, 0 deletions
diff --git a/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c b/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c
index 4b86a6f..8d565e2 100644
--- a/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c
+++ b/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c
@@ -2991,6 +2991,7 @@ server_process_dh(krb5_context context,
 
     retval = 0;
 
+    BN_free(client_pubkey);
     if (dh_server != NULL)
         DH_free(dh_server);
     return retval;
author	sashan <anedvedicky@gmail.com>	2018-02-20 23:03:36 +0100
committer	Greg Hudson <ghudson@mit.edu>	2018-05-01 16:53:14 -0400
commit	57c70d882371fee7a1fca172d4a64f8f898b5c92 (patch)
tree	25e1a804343f38173af365195d89e8a49fa70d72
parent	a2df94b6bb22ecf6e77c5044cff0f627b4fb30cf (diff)
download	krb5-57c70d882371fee7a1fca172d4a64f8f898b5c92.zip krb5-57c70d882371fee7a1fca172d4a64f8f898b5c92.tar.gz krb5-57c70d882371fee7a1fca172d4a64f8f898b5c92.tar.bz2