diff options
| author | Greg Hudson <ghudson@mit.edu> | 2014-06-10 23:53:31 -0400 |
|---|---|---|
| committer | Greg Hudson <ghudson@mit.edu> | 2014-07-12 12:40:47 -0400 |
| commit | bfd2a69193ddc1b324d48a7da6455cfbda54fc09 (patch) | |
| tree | 7139d3d44c3a2139d6cb8c98112265e71260c099 /src/plugins/kdb/db2/libdb2/hash/hash.c | |
| parent | aea099ab5544eefb4d27d8cd963b1247c10dc559 (diff) | |
| download | krb5-bfd2a69193ddc1b324d48a7da6455cfbda54fc09.zip krb5-bfd2a69193ddc1b324d48a7da6455cfbda54fc09.tar.gz krb5-bfd2a69193ddc1b324d48a7da6455cfbda54fc09.tar.bz2 | |
Fix several memory leaks in LDAP KDB modules
Fix memory leaks discovered by running valgrind over kdbtest, and some
related leaks. Many of them result from not calling ldap_msgfree
after an unsuccessful search (as the OpenLDAP documentation requires)
or after an exception following a search, so many of the fixes move or
add ldap_msgfree calls to cleanup labels.
ldap_osa_free_princ_ent was not used, and could not be used because it
frees the container while krb5_lookup_tl_kadm_data uses a
caller-allocated container. Change it to leave the container alone,
but to correctly destroy xdrs. Use it in krb5_ldap_put_principal
where princ_ent was leaked.
In krb5_ldap_put_principal, subtreelist is declared twice in interior
scopes and not properly freed; move it to function scope and free it
up in the cleanup label. Also in krb5_ldap_put_principal, avoiding
decoding multiple KBR5_TL_KADM_DATA values (which we don't expect to
see) as later decodes would cause earlier decodes to leak.
In krb5_encode_krbsecretkey, fix a leak of the krb5_data container and
also add an error check when calling asn1_encode_sequence_of_keys;
otherwise we would dereference a null pointer if we run out of memory
encoding keys (very unlikely).
ticket: 7941 (new)
target_version: 1.12.2
tags: pullup
Diffstat (limited to 'src/plugins/kdb/db2/libdb2/hash/hash.c')
0 files changed, 0 insertions, 0 deletions