diff options
author | Greg Hudson <ghudson@mit.edu> | 2016-10-21 02:06:18 -0400 |
---|---|---|
committer | Tom Yu <tlyu@mit.edu> | 2016-10-24 16:43:23 -0400 |
commit | 3bb6e66c07a9864cc7ece0604105bd987e1d2977 (patch) | |
tree | b91df2418c09b582531223173eed3a7310502c55 | |
parent | f94a9e9e2219544a9f3f26dfee0dd6df62b0692e (diff) | |
download | krb5-3bb6e66c07a9864cc7ece0604105bd987e1d2977.zip krb5-3bb6e66c07a9864cc7ece0604105bd987e1d2977.tar.gz krb5-3bb6e66c07a9864cc7ece0604105bd987e1d2977.tar.bz2 |
Fix rare leak in krb5_cccol_have_content()
If krb5_cc_start_seq_get() fails inside the loop, close the current
credential cache before continuing to the next one. Reported by Todd
Lipcon.
(cherry picked from commit 1735f2e74767e56ac3bd75de61d41b8363ec6ce4)
ticket: 8509
version_fixed: 1.15
-rw-r--r-- | src/lib/krb5/ccache/cccursor.c | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/src/lib/krb5/ccache/cccursor.c b/src/lib/krb5/ccache/cccursor.c index 281f128..c31a3f5 100644 --- a/src/lib/krb5/ccache/cccursor.c +++ b/src/lib/krb5/ccache/cccursor.c @@ -255,8 +255,10 @@ krb5_cccol_have_content(krb5_context context) ret = krb5_cc_start_seq_get(context, cache, &cache_cursor); save_first_error(context, ret, &errsave); - if (ret) + if (ret) { + krb5_cc_close(context, cache); continue; + } while (!found) { ret = krb5_cc_next_cred(context, cache, &cache_cursor, &creds); save_first_error(context, ret, &errsave); |