Plug memory leaks, and other miscellaneous bugs reported by Jim Miller

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@3914 dc483132-0cff-0310-8789-dd5450dbe970

diff --git a/src/kadmin/server/ChangeLog b/src/kadmin/server/ChangeLog
new file mode 100644 (file)
index 0000000..50600c6
--- /dev/null
+++ b/src/kadmin/server/ChangeLog
@@ -0,0 +1,15 @@
+Fri Jun 24 20:39:37 1994  Theodore Y. Ts'o  (tytso at tsx-11)
+
+       * adm_process.c (process_client): Plug memory leaks
+
+       * adm_adm_func. (adm_inq_old_key): Plug memory leaks, return error
+         when adm_fmt_prt returns an error
+
+       * adm_adm_func.c (adm_mod_old_key): Plug memory leaks, report error
+         if put_principal returns an error.
+
+       * adm_adm_func.c (adm_change_pwd_rnd): Fix syslog information
+
+       * adm_adm_func.c (adm_build_key): Plug memory leak
+
+

diff --git a/src/kadmin/server/adm_adm_func.c b/src/kadmin/server/adm_adm_func.c
index 32cb2d44e6613565ac5ade03d1bfb7c091c00bc7..2499c51738d487ddb0ae74e85f730d70905ff18d 100644 (file)
--- a/src/kadmin/server/adm_adm_func.c
+++ b/src/kadmin/server/adm_adm_func.c
@@ -154,6 +154,7 @@ krb5_db_entry entry;
     
     /* Send private message to Client */
     if (krb5_write_message(&client_server_info.client_socket, &msg_data)){
+       free(msg_data.data);
        com_err("adm_build_key", 0, "Error Performing Password Write");
        return(5);              /* Protocol Failure */
     }
@@ -280,7 +281,7 @@ krb5_ticket *client_creds;
 
     
     syslog(LOG_AUTH | LOG_INFO, 
-          "Remote Administrative Addition Request for %s by %s", 
+          "Remote Administrative Random Password Change Request for %s by %s", 
           customer_name, client_server_info.name_of_client);
     
     if (retval = krb5_parse_name(customer_name, &newprinc)) {
@@ -523,6 +524,7 @@ krb5_ticket *client_creds;
        
        if (!adm_princ_exists("adm_mod_old_key", newprinc,
                              &entry, &nprincs)) {
+           krb5_db_free_principal(&entry, nprincs);
            com_err("adm_mod_old_key", 0, 
                    "principal '%s' is not in the database", 
                    customer_name);
@@ -562,6 +564,7 @@ krb5_ticket *client_creds;
        free(outbuf.data);
        
        if (krb5_write_message(&client_server_info.client_socket, &msg_data)){
+           free(msg_data.data);
            krb5_free_principal(newprinc);
            krb5_db_free_principal(&entry, nprincs);
            com_err("adm_mod_old_key", 0, 
@@ -680,6 +683,12 @@ krb5_ticket *client_creds;
        }
        
        retval = krb5_db_put_principal(&entry, &one);
+       if (retval) {
+           com_err("adm_mod_old_key", retval, "while storing principal");
+           krb5_free_principal(newprinc);
+           krb5_db_free_principal(&entry, nprincs);
+           return(8);          /* Update failed */
+       }
        one = 1;
     }  /* for */
     
@@ -746,6 +755,7 @@ krb5_ticket *client_creds;
     
     if (!adm_princ_exists("adm_inq_old_key", newprinc,
                          &entry, &nprincs)) {
+       krb5_db_free_principal(&entry, nprincs);
        krb5_free_principal(newprinc);
        free(fullname);
        com_err("adm_inq_old_key", 0, "principal '%s' is not in the database", 
@@ -767,6 +777,7 @@ krb5_ticket *client_creds;
        krb5_free_principal(newprinc);
        free(fullname);
        com_err("adm_inq_old_key", 0, "Unable to Format Inquiry Data");
+       return(5);              /* XXX protocol failure --- not right, but.. */
     }
     outbuf.length = strlen(outbuf.data);
     krb5_db_free_principal(&entry, nprincs);
@@ -788,9 +799,11 @@ krb5_ticket *client_creds;
        free(outbuf.data);
        return(5);              /* Protocol Failure */
     }
+    free(outbuf.data);
     
     /* Send Inquiry Information */
     if (krb5_write_message(&client_server_info.client_socket, &msg_data)){
+       free(msg_data.data);
        com_err("adm_inq_old_key", 0, "Error Performing Write");
        return(5);              /* Protocol Failure */
     }
@@ -820,6 +833,8 @@ krb5_ticket *client_creds;
        return(5);              /* Protocol Failure */
     }
     
+    /* XXX Decrypt client response.... and we don't use it?!? */
+    
     free(msg_data.data);
     free(inbuf.data);
     return(retval);

diff --git a/src/kadmin/server/adm_process.c b/src/kadmin/server/adm_process.c
index 98b98bafedb26d1d308dbf86d10374f8fe8548a7..2eba71860ae70defe511890cd6d98d47cf8b33c6 100644 (file)
--- a/src/kadmin/server/adm_process.c
+++ b/src/kadmin/server/adm_process.c
@@ -277,8 +277,10 @@ char *prog;
                        error_message(retval));
        (void) sprintf(retbuf, "kadmind error during recvauth: %s\n", 
                        error_message(retval));
-       exit(1);
+       krb5_free_keyblock(cpw_key.key);
+       goto finish;
     }
+    krb5_free_keyblock(cpw_key.key);
 
     /* Check if ticket was issued using password (and not tgt)
      * within the last 5 minutes
@@ -355,6 +357,7 @@ char *prog;
                        0,
                        0,
                        &msg_data))) {
+       free(inbuf.data);
        syslog(LOG_ERR, "kadmind error: rd_priv:%s\n", error_message(retval));
        goto finish;
     }
@@ -427,6 +430,7 @@ char *prog;
         /* Send Final Reply to Client */
     if (retval = krb5_write_message(&client_server_info.client_socket,
                                        &msg_data)){
+       free(msg_data.data);
        syslog(LOG_ERR, "Error Performing Final Write: %s",
                        error_message(retval));
        retval = 1;