projects / krb5.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: cb4d170)
Changed to zero out the session key before freeing the credentials structure
authorTheodore Tso <tytso@mit.edu>
Wed, 19 Dec 1990 11:34:24 +0000 (11:34 +0000)
committerTheodore Tso <tytso@mit.edu>
Wed, 19 Dec 1990 11:34:24 +0000 (11:34 +0000)
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@1567 dc483132-0cff-0310-8789-dd5450dbe970

src/lib/krb5/free/f_cred_cnt.c patch | blob | history

diff --git a/src/lib/krb5/free/f_cred_cnt.c b/src/lib/krb5/free/f_cred_cnt.c
index 89d532c71407fdea986f250a87061fe2024bf265..959272907b36b80f1faefd560780ad1b847c3741 100644 (file)
--- a/src/lib/krb5/free/f_cred_cnt.c
+++ b/src/lib/krb5/free/f_cred_cnt.c
@@ -19,6 +19,11 @@ static char rcsid_f_cred_cnt_c [] =
 #include <krb5/krb5.h>
 #include <krb5/ext-proto.h>
 
+/*
+ * krb5_free_cred_contents zeros out the session key, and then frees
+ * the credentials structures 
+ */
+
 void
 krb5_free_cred_contents(val)
 krb5_creds *val;
@@ -27,8 +32,10 @@ krb5_creds *val;
        krb5_free_principal(val->client);
     if (val->server)
        krb5_free_principal(val->server);
-    if (val->keyblock.contents)
+    if (val->keyblock.contents) {
+       memset((char *)val->keyblock.contents, 0, val->keyblock.length);
        xfree(val->keyblock.contents);
+    }
     if (val->ticket.data)
        xfree(val->ticket.data);
     if (val->second_ticket.data)
MIT implementation of the Kerberos network authentication protocol. This repo may be rebased, so don't base your work on it. Use git://github.com/krb5/krb5 instead.