From fc87a96b29dd548b54eff6a1d0abc155a02fb497 Mon Sep 17 00:00:00 2001 From: Robbie Harwood Date: Tue, 18 Dec 2018 15:18:13 -0500 Subject: Fix double-close in ksu get_authorized_princ_names If list_union() fails due to an allocation failure, then close_time() will attempt to fclose users_fp and login_fp a second time. This bug was originally introduced in commit be95b52c2d0c21b1fe92f9f90166fc2fa8eecc95, and has been present in every krb5 release since 1.1. (cherry picked from commit 0b8c6f3e1e8e561aa56a7d4e2171320119991dae) ticket: 8768 version_fixed: 1.15.5 --- src/clients/ksu/heuristic.c | 1 - 1 file changed, 1 deletion(-) diff --git a/src/clients/ksu/heuristic.c b/src/clients/ksu/heuristic.c index 0d055e4..3eb28ab 100644 --- a/src/clients/ksu/heuristic.c +++ b/src/clients/ksu/heuristic.c @@ -266,7 +266,6 @@ get_authorized_princ_names(luser, cmd, princ_list) retval = list_union(k5login_list, k5users_filt_list, &combined_list); if (retval){ - close_time(k5users_flag,users_fp, k5login_flag,login_fp); return retval; } *princ_list = combined_list; -- cgit v1.1