diff options
author | Ezra Peisach <epeisach@mit.edu> | 2008-08-16 13:03:30 +0000 |
---|---|---|
committer | Ezra Peisach <epeisach@mit.edu> | 2008-08-16 13:03:30 +0000 |
commit | d1dee36427592d649aa27ea1b05167f5d83ca50e (patch) | |
tree | b46fa9763bfb904ae5b971d96e622ec86baefeee /src/lib/krb5 | |
parent | 98428ac61a8273ada2ccd6b3f997b300eb31c246 (diff) | |
download | krb5-d1dee36427592d649aa27ea1b05167f5d83ca50e.zip krb5-d1dee36427592d649aa27ea1b05167f5d83ca50e.tar.gz krb5-d1dee36427592d649aa27ea1b05167f5d83ca50e.tar.bz2 |
In parsing authorization data, if run out of memory, the authorization
data was released, but the pointer not zeroed. This resulted in
higher level code trying to free it again.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20667 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src/lib/krb5')
-rw-r--r-- | src/lib/krb5/ccache/cc_file.c | 1 | ||||
-rw-r--r-- | src/lib/krb5/ccache/cc_keyring.c | 7 |
2 files changed, 6 insertions, 2 deletions
diff --git a/src/lib/krb5/ccache/cc_file.c b/src/lib/krb5/ccache/cc_file.c index 0e5a9b6..a24ff45 100644 --- a/src/lib/krb5/ccache/cc_file.c +++ b/src/lib/krb5/ccache/cc_file.c @@ -816,6 +816,7 @@ krb5_fcc_read_authdata(krb5_context context, krb5_ccache id, krb5_authdata ***a) (*a)[i] = (krb5_authdata *) malloc(sizeof(krb5_authdata)); if ((*a)[i] == NULL) { krb5_free_authdata(context, *a); + *a = NULL; return KRB5_CC_NOMEM; } (*a)[i]->contents = NULL; diff --git a/src/lib/krb5/ccache/cc_keyring.c b/src/lib/krb5/ccache/cc_keyring.c index be22a83..2d8864a 100644 --- a/src/lib/krb5/ccache/cc_keyring.c +++ b/src/lib/krb5/ccache/cc_keyring.c @@ -1287,7 +1287,7 @@ krb5_krcc_parse_cred(krb5_context context, krb5_ccache id, krb5_creds * creds, memset(creds->ticket.data, 0, (unsigned) creds->ticket.length); krb5_xfree(creds->ticket.data); cleanauthdata: - /* XXX ??? */ + krb5_free_authdata(context, creds->authdata); cleanaddrs: krb5_free_addresses(context, creds->addresses); cleanblock: @@ -1616,6 +1616,7 @@ krb5_krcc_parse_authdata(krb5_context context, krb5_ccache id, (*a)[i] = (krb5_authdata *) malloc(sizeof(krb5_authdata)); if ((*a)[i] == NULL) { krb5_free_authdata(context, *a); + *a = NULL; return KRB5_CC_NOMEM; } kret = krb5_krcc_parse_authdatum(context, id, (*a)[i], bc); @@ -1624,8 +1625,10 @@ krb5_krcc_parse_authdata(krb5_context context, krb5_ccache id, return KRB5_OK; errout: - if (*a) + if (*a) { krb5_free_authdata(context, *a); + *a = NULL; + } return kret; } |