Fix krb5_rd_req() memory leak

In release 1.13, commit eba8c4909ec7ba0d7054d5d1b1061319e9970cc7 (ticket #7232) introduced a memory leak when skipping keytab entries which do not match the application-provided server specification. Fix it by freeing the keytab entry before continuing the loop on a failure to match. [ghudson@mit.edu: commit message] (cherry picked from commit 3aa8506ee9e1f564e3f396eed5ac5616d7c54b34) ticket: 8239 version_fixed: 1.13.3 status: resolved
author: Nicolas Williams <nico@twosigma.com> 2015-09-01 11:58:30 -0400
committer: Tom Yu <tlyu@mit.edu> 2015-09-16 17:24:24 -0400
commit: 721e80d6deece5ed6d7b2c1a160105830bf45b4b (patch)
tree: 6d4de50b2c4015d7e09753cc0e4963660e3adb14 /src
parent: 5250332e15a873d8e5a2ec6e7bc1f82d337b9081 (diff)
download: krb5-721e80d6deece5ed6d7b2c1a160105830bf45b4b.zip
krb5-721e80d6deece5ed6d7b2c1a160105830bf45b4b.tar.gz
krb5-721e80d6deece5ed6d7b2c1a160105830bf45b4b.tar.bz2
1 files changed, 1 insertions, 0 deletions
diff --git a/src/lib/krb5/krb/rd_req_dec.c b/src/lib/krb5/krb/rd_req_dec.c
index df5ba7a..6defbdb 100644
--- a/src/lib/krb5/krb/rd_req_dec.c
+++ b/src/lib/krb5/krb/rd_req_dec.c
@@ -396,6 +396,7 @@ decrypt_ticket(krb5_context context, const krb5_ap_req *req,
         if (!krb5_sname_match(context, server, ent.principal)) {
             if (krb5_principal_compare(context, ent.principal, tkt_server))
                 tkt_server_mismatch = TRUE;
+            (void)krb5_free_keytab_entry_contents(context, &ent);
             continue;
         }
         found_server_match = TRUE;
author	Nicolas Williams <nico@twosigma.com>	2015-09-01 11:58:30 -0400
committer	Tom Yu <tlyu@mit.edu>	2015-09-16 17:24:24 -0400
commit	721e80d6deece5ed6d7b2c1a160105830bf45b4b (patch)
tree	6d4de50b2c4015d7e09753cc0e4963660e3adb14 /src
parent	5250332e15a873d8e5a2ec6e7bc1f82d337b9081 (diff)
download	krb5-721e80d6deece5ed6d7b2c1a160105830bf45b4b.zip krb5-721e80d6deece5ed6d7b2c1a160105830bf45b4b.tar.gz krb5-721e80d6deece5ed6d7b2c1a160105830bf45b4b.tar.bz2