diff options
| author | Greg Hudson <ghudson@mit.edu> | 2019-11-23 11:42:59 -0500 |
|---|---|---|
| committer | Greg Hudson <ghudson@mit.edu> | 2019-12-09 17:02:52 -0500 |
| commit | b4297051674d08d27d94881bf79b8f4dea82b686 (patch) | |
| tree | 1db19cb24b68a74ec84a03ee99aa960148343688 | |
| parent | 3a1b4ba5d031a50a2217319ef0bfca055bcc10dc (diff) | |
| download | krb5-b4297051674d08d27d94881bf79b8f4dea82b686.zip krb5-b4297051674d08d27d94881bf79b8f4dea82b686.tar.gz krb5-b4297051674d08d27d94881bf79b8f4dea82b686.tar.bz2 | |
Various gssalloc fixes
The DEBUG_GSSALLOC version of gssalloc_realloc() must add the sentinel
size to the byte count.
The mechglue gss_decapsulate_token(), gss_encapsulate_token(), and
gss_export_sec_context() must use gssalloc_malloc() to allocate
output buffers.
The krb5 mech's gss_export_name_composite() and gss_pseudo_random()
implementations must use gssalloc_malloc() to allocate output buffers.
SPNEGO's gss_display_status() implementation must use gssalloc for the
output buffer.
The sample GSS server must use gss_release_buffer() to free the result
of gss_export_sec_context().
(cherry picked from commit ab5c4259bdbe51dd3f4b5c5aff22628188d04322)
ticket: 8852
version_fixed: 1.17.1
| -rw-r--r-- | src/appl/gss-sample/gss-server.c | 2 | ||||
| -rw-r--r-- | src/lib/gssapi/generic/gssapi_alloc.h | 2 | ||||
| -rw-r--r-- | src/lib/gssapi/krb5/naming_exts.c | 2 | ||||
| -rw-r--r-- | src/lib/gssapi/krb5/prf.c | 2 | ||||
| -rw-r--r-- | src/lib/gssapi/mechglue/g_decapsulate_token.c | 2 | ||||
| -rw-r--r-- | src/lib/gssapi/mechglue/g_encapsulate_token.c | 2 | ||||
| -rw-r--r-- | src/lib/gssapi/mechglue/g_exp_sec_context.c | 2 | ||||
| -rw-r--r-- | src/lib/gssapi/spnego/spnego_mech.c | 2 |
8 files changed, 8 insertions, 8 deletions
diff --git a/src/appl/gss-sample/gss-server.c b/src/appl/gss-sample/gss-server.c index 6b5959a..793fefc 100644 --- a/src/appl/gss-sample/gss-server.c +++ b/src/appl/gss-sample/gss-server.c @@ -391,7 +391,7 @@ test_import_export_context(gss_ctx_id_t *context) if (verbose && logfile) fprintf(logfile, "Importing context: %7.4f seconds\n", timeval_subtract(&tm1, &tm2)); - free(context_token.value); + (void) gss_release_buffer(&min_stat, &context_token); return 0; } diff --git a/src/lib/gssapi/generic/gssapi_alloc.h b/src/lib/gssapi/generic/gssapi_alloc.h index fff88fd..89ef332 100644 --- a/src/lib/gssapi/generic/gssapi_alloc.h +++ b/src/lib/gssapi/generic/gssapi_alloc.h @@ -83,7 +83,7 @@ gssalloc_realloc(void *value, size_t size) return gssalloc_malloc(size); if (memcmp(p, "gssalloc", 8) != 0) abort(); - return (char *)realloc(p, size) + 8; + return (char *)realloc(p, size + 8) + 8; } #else /* not _WIN32 or DEBUG_GSSALLOC */ diff --git a/src/lib/gssapi/krb5/naming_exts.c b/src/lib/gssapi/krb5/naming_exts.c index 41752d9..2ac1aba 100644 --- a/src/lib/gssapi/krb5/naming_exts.c +++ b/src/lib/gssapi/krb5/naming_exts.c @@ -624,7 +624,7 @@ krb5_gss_export_name_composite(OM_uint32 *minor_status, exp_composite_name->length += 4; /* length of encoded attributes */ if (attrs != NULL) exp_composite_name->length += attrs->length; - exp_composite_name->value = malloc(exp_composite_name->length); + exp_composite_name->value = gssalloc_malloc(exp_composite_name->length); if (exp_composite_name->value == NULL) { code = ENOMEM; goto cleanup; diff --git a/src/lib/gssapi/krb5/prf.c b/src/lib/gssapi/krb5/prf.c index e897074..f87957b 100644 --- a/src/lib/gssapi/krb5/prf.c +++ b/src/lib/gssapi/krb5/prf.c @@ -86,7 +86,7 @@ krb5_gss_pseudo_random(OM_uint32 *minor_status, if (desired_output_len == 0) return GSS_S_COMPLETE; - prf_out->value = k5alloc(desired_output_len, &code); + prf_out->value = gssalloc_malloc(desired_output_len); if (prf_out->value == NULL) { code = KG_INPUT_TOO_LONG; goto cleanup; diff --git a/src/lib/gssapi/mechglue/g_decapsulate_token.c b/src/lib/gssapi/mechglue/g_decapsulate_token.c index 934d260..1c04e2f 100644 --- a/src/lib/gssapi/mechglue/g_decapsulate_token.c +++ b/src/lib/gssapi/mechglue/g_decapsulate_token.c @@ -55,7 +55,7 @@ gss_decapsulate_token(gss_const_buffer_t input_token, if (minor != 0) return GSS_S_DEFECTIVE_TOKEN; - output_token->value = malloc(body_size); + output_token->value = gssalloc_malloc(body_size); if (output_token->value == NULL) return GSS_S_FAILURE; diff --git a/src/lib/gssapi/mechglue/g_encapsulate_token.c b/src/lib/gssapi/mechglue/g_encapsulate_token.c index 6ce0eeb..850e3ee 100644 --- a/src/lib/gssapi/mechglue/g_encapsulate_token.c +++ b/src/lib/gssapi/mechglue/g_encapsulate_token.c @@ -51,7 +51,7 @@ gss_encapsulate_token(gss_const_buffer_t input_token, assert(tokenSize > 2); tokenSize -= 2; /* TOK_ID */ - output_token->value = malloc(tokenSize); + output_token->value = gssalloc_malloc(tokenSize); if (output_token->value == NULL) return GSS_S_FAILURE; diff --git a/src/lib/gssapi/mechglue/g_exp_sec_context.c b/src/lib/gssapi/mechglue/g_exp_sec_context.c index 1d7990b..a04afe3 100644 --- a/src/lib/gssapi/mechglue/g_exp_sec_context.c +++ b/src/lib/gssapi/mechglue/g_exp_sec_context.c @@ -112,7 +112,7 @@ gss_buffer_t interprocess_token; length = token.length + 4 + ctx->mech_type->length; interprocess_token->length = length; - interprocess_token->value = malloc(length); + interprocess_token->value = gssalloc_malloc(length); if (interprocess_token->value == 0) { *minor_status = ENOMEM; status = GSS_S_FAILURE; diff --git a/src/lib/gssapi/spnego/spnego_mech.c b/src/lib/gssapi/spnego/spnego_mech.c index efcec2d..038fdb6 100644 --- a/src/lib/gssapi/spnego/spnego_mech.c +++ b/src/lib/gssapi/spnego/spnego_mech.c @@ -3732,7 +3732,7 @@ negotiate_mech(gss_OID_set supported, gss_OID_set received, static spnego_token_t make_spnego_token(const char *name) { - return (spnego_token_t)strdup(name); + return (spnego_token_t)gssalloc_strdup(name); } static gss_buffer_desc |