3 files changed, 14 insertions, 4 deletions

diff --git a/src/lib/gssapi/krb5/ChangeLog b/src/lib/gssapi/krb5/ChangeLog
index ac27dec..3237548 100644
--- a/src/lib/gssapi/krb5/ChangeLog
+++ b/src/lib/gssapi/krb5/ChangeLog
@@ -1,3 +1,11 @@
+2004-08-27  Tom Yu  <tlyu@mit.edu>
+
+	* init_sec_context.c (make_ap_req_v1): Free checksum data
+	allocated by make_gss_checksum() to avoid leak.
+
+	* k5sealv3.c (gss_krb5int_unseal_token_v3): Free plain.data after
+	checksum is verified, to avoid leak.
+
 2004-08-26  Ken Raeburn  <raeburn@mit.edu>
 
 	* acquire_cred.c (krb5_gss_acquire_cred): Call
diff --git a/src/lib/gssapi/krb5/init_sec_context.c b/src/lib/gssapi/krb5/init_sec_context.c
index adc5ad9..3ffb515 100644
--- a/src/lib/gssapi/krb5/init_sec_context.c
+++ b/src/lib/gssapi/krb5/init_sec_context.c
@@ -301,8 +301,10 @@ make_ap_req_v1(context, ctx, cred, k_cred, chan_bindings, mech_type, token)
     if (ctx->gss_flags & GSS_C_MUTUAL_FLAG)
 	mk_req_flags |= AP_OPTS_MUTUAL_REQUIRED;
 
-    if ((code = krb5_mk_req_extended(context, &ctx->auth_context, mk_req_flags,
-				     checksum_data, k_cred, &ap_req)))
+    code = krb5_mk_req_extended(context, &ctx->auth_context, mk_req_flags,
+				checksum_data, k_cred, &ap_req);
+    krb5_free_data_contents(context, &cksum_struct.checksum_data);
+    if (code)
 	goto cleanup;
 
    /* store the interesting stuff from creds and authent */
diff --git a/src/lib/gssapi/krb5/k5sealv3.c b/src/lib/gssapi/krb5/k5sealv3.c
index 710c6f5..9fa1bf7 100644
--- a/src/lib/gssapi/krb5/k5sealv3.c
+++ b/src/lib/gssapi/krb5/k5sealv3.c
@@ -477,14 +477,14 @@ gss_krb5int_unseal_token_v3(krb5_context *contextptr,
 	sum.checksum_type = ctx->cksumtype;
 	err = krb5_c_verify_checksum(context, key, key_usage,
 				     &plain, &sum, &valid);
+	free(plain.data);
+	plain.data = NULL;
 	if (err) {
 	error:
-	    free(plain.data);
 	    *minor_status = err;
 	    return GSS_S_BAD_SIG; /* XXX */
 	}
 	if (!valid) {
-	    free(plain.data);
 	    *minor_status = 0;
 	    return GSS_S_BAD_SIG;
 	}