diff options
author | Tomas Kuthan <tkuthan@gmail.com> | 2017-05-16 11:24:40 +0200 |
---|---|---|
committer | Greg Hudson <ghudson@mit.edu> | 2017-07-17 18:52:09 -0400 |
commit | 99ae7efbb9b332123e6d0918ee98c0c961accba7 (patch) | |
tree | 96aeeaeddcea1c452523584369028705f6bd66f6 | |
parent | 9ea1b4dec15f26352da9e3f261cc0b4ea563beda (diff) | |
download | krb5-99ae7efbb9b332123e6d0918ee98c0c961accba7.zip krb5-99ae7efbb9b332123e6d0918ee98c0c961accba7.tar.gz krb5-99ae7efbb9b332123e6d0918ee98c0c961accba7.tar.bz2 |
Free GSS checksum data deterministically
In the normal course of execution, md5.contents allocated by
kg_checksum_channel_bindings() in make_ap_req_v1() is freed in
make_gss_checksum(). But when there is a failure in
krb5_mk_req_extended() or in make_gss_checksum() before free is
called, the memory leaks.
This patch frees the memory unconditionally in make_ap_req_v1().
(cherry picked from commit 29337e7c7b796685fb6a03466d32147e17aa2d16)
ticket: 8584
version_fixed: 1.15.2
-rw-r--r-- | src/lib/gssapi/krb5/init_sec_context.c | 4 |
1 files changed, 1 insertions, 3 deletions
diff --git a/src/lib/gssapi/krb5/init_sec_context.c b/src/lib/gssapi/krb5/init_sec_context.c index 70f7955..2a7467f 100644 --- a/src/lib/gssapi/krb5/init_sec_context.c +++ b/src/lib/gssapi/krb5/init_sec_context.c @@ -355,9 +355,6 @@ make_gss_checksum (krb5_context context, krb5_auth_context auth_context, TWRITE_STR(ptr, data->md5.contents, data->md5.length); TWRITE_INT(ptr, data->ctx->gss_flags, 0); - /* done with this, free it */ - xfree(data->md5.contents); - if (credmsg.data) { TWRITE_INT16(ptr, KRB5_GSS_FOR_CREDS_OPTION, 0); TWRITE_INT16(ptr, credmsg.length, 0); @@ -429,6 +426,7 @@ make_ap_req_v1(context, ctx, cred, k_cred, ad_context, code = krb5_mk_req_extended(context, &ctx->auth_context, mk_req_flags, NULL, k_cred, &ap_req); krb5_auth_con_set_authdata_context(context, ctx->auth_context, NULL); + krb5_free_checksum_contents(context, &cksum_struct.md5); krb5_free_data_contents(context, &cksum_struct.checksum_data); if (code) goto cleanup; |