diff options
| author | Ezra Peisach <epeisach@mit.edu> | 2001-11-19 18:29:45 +0000 |
|---|---|---|
| committer | Ezra Peisach <epeisach@mit.edu> | 2001-11-19 18:29:45 +0000 |
| commit | 0b9d961e7b1661e8d513028abfc31196813cf63c (patch) | |
| tree | 96f8d6962e91ca685705899da5e2f85d237dd597 /src/appl/gss-sample/gss-server.c | |
| parent | e4e058f63c1e116bbf92d677bda2a86c6397508f (diff) | |
| download | krb5-0b9d961e7b1661e8d513028abfc31196813cf63c.zip krb5-0b9d961e7b1661e8d513028abfc31196813cf63c.tar.gz krb5-0b9d961e7b1661e8d513028abfc31196813cf63c.tar.bz2 | |
* gss-server.c (server_establish_context, sign_server): Ensure
that memory blocks are only freed once.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@13991 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src/appl/gss-sample/gss-server.c')
| -rw-r--r-- | src/appl/gss-sample/gss-server.c | 44 |
1 files changed, 34 insertions, 10 deletions
diff --git a/src/appl/gss-sample/gss-server.c b/src/appl/gss-sample/gss-server.c index 28a8070..8a394a5 100644 --- a/src/appl/gss-sample/gss-server.c +++ b/src/appl/gss-sample/gss-server.c @@ -150,6 +150,7 @@ static int server_establish_context(s, server_creds, context, client_name, free (recv_tok.value); recv_tok.value = NULL; } + if (! (token_flags & TOKEN_NOOP)) { if (log) fprintf(log, "Expected NOOP token, got %d token instead\n", @@ -182,7 +183,10 @@ static int server_establish_context(s, server_creds, context, client_name, NULL, /* ignore time_rec */ NULL); /* ignore del_cred_handle */ - free(recv_tok.value); + if(recv_tok.value) { + free(recv_tok.value); + recv_tok.value = NULL; + } if (send_tok.length != 0) { if (verbose && log) { @@ -418,7 +422,10 @@ static int sign_server(s, server_creds, export) if (token_flags & TOKEN_NOOP) { if (log) fprintf(log, "NOOP token\n"); - (void) gss_release_buffer(&min_stat, &xmit_buf); + if(xmit_buf.value) { + free(xmit_buf.value); + xmit_buf.value = 0; + } break; } @@ -432,7 +439,10 @@ static int sign_server(s, server_creds, export) if (log) fprintf(log, "Unauthenticated client requested authenticated services!\n"); - free (xmit_buf.value); + if(xmit_buf.value) { + free (xmit_buf.value); + xmit_buf.value = 0; + } return(-1); } @@ -441,13 +451,19 @@ static int sign_server(s, server_creds, export) &conf_state, (gss_qop_t *) NULL); if (maj_stat != GSS_S_COMPLETE) { display_status("unsealing message", maj_stat, min_stat); - free (xmit_buf.value); + if(xmit_buf.value) { + free (xmit_buf.value); + xmit_buf.value = 0; + } return(-1); } else if (! conf_state && (token_flags & TOKEN_ENCRYPTED)) { fprintf(stderr, "Warning! Message not encrypted.\n"); } - free (xmit_buf.value); + if(xmit_buf.value) { + free (xmit_buf.value); + xmit_buf.value = 0; + } } else { msg_buf = xmit_buf; @@ -474,18 +490,26 @@ static int sign_server(s, server_creds, export) display_status("signing message", maj_stat, min_stat); return(-1); } -if (token_flags & TOKEN_WRAPPED) - free (xmit_buf.value); + + if(msg_buf.value) { + free (msg_buf.value); + msg_buf.value = 0; + } /* Send the signature block to the client */ if (send_token(s, TOKEN_MIC, &xmit_buf) < 0) return(-1); - (void) gss_release_buffer(&min_stat, &xmit_buf); + if(xmit_buf.value) { + free (xmit_buf.value); + xmit_buf.value = 0; + } } else { - if (token_flags & TOKEN_WRAPPED) - free (xmit_buf.value); + if(msg_buf.value) { + free (msg_buf.value); + msg_buf.value = 0; + } if (send_token(s, TOKEN_NOOP, empty_token) < 0) return(-1); } |