* src/lib/krb5/ccache/cc_file.c: Adapted patch from Roland

	Dowdeswell to avoid possible double-free conditions on certain
	errors.

ticket: 4788
tags: pullup
target_version: 1.6
component: krb5-libs

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18897 dc483132-0cff-0310-8789-dd5450dbe970

diff --git a/src/lib/krb5/ccache/cc_file.c b/src/lib/krb5/ccache/cc_file.c
index 5b11a0e01be76ba855318fd389e63fe7ce5b44ee..c87fef4e014149d12104914e3f4aafe4821a4954 100644 (file)
--- a/src/lib/krb5/ccache/cc_file.c
+++ b/src/lib/krb5/ccache/cc_file.c
@@ -443,6 +443,8 @@ krb5_fcc_read_principal(krb5_context context, krb5_ccache id, krb5_principal *pr
 
     k5_assert_locked(&((krb5_fcc_data *) id->data)->lock);
 
+    *princ = NULL;
+
     if (data->version == KRB5_FCC_FVNO_1) {
        type = KRB5_NT_UNKNOWN;
     } else {
@@ -538,15 +540,18 @@ krb5_fcc_read_addrs(krb5_context context, krb5_ccache id, krb5_address ***addrs)
          if ((*addrs)[i] == NULL) {
              krb5_free_addresses(context, *addrs);
              return KRB5_CC_NOMEM;
-         }       
+         }
+         (*addrs)[i]->contents = NULL;
          kret = krb5_fcc_read_addr(context, id, (*addrs)[i]);
          CHECK(kret);
      }
 
      return KRB5_OK;
  errout:
-     if (*addrs)
+     if (*addrs) {
         krb5_free_addresses(context, *addrs);
+        *addrs = NULL;
+     }
      return kret;
 }
 
@@ -593,8 +598,10 @@ krb5_fcc_read_keyblock(krb5_context context, krb5_ccache id, krb5_keyblock *keyb
 
      return KRB5_OK;
  errout:
-     if (keyblock->contents)
+     if (keyblock->contents) {
         krb5_xfree(keyblock->contents);
+        keyblock->contents = NULL;
+     }
      return kret;
 }
 
@@ -632,8 +639,10 @@ krb5_fcc_read_data(krb5_context context, krb5_ccache id, krb5_data *data)
      data->data[data->length] = 0; /* Null terminate, just in case.... */
      return KRB5_OK;
  errout:
-     if (data->data)
+     if (data->data) {
         krb5_xfree(data->data);
+        data->data = NULL;
+     }
      return kret;
 }
 
@@ -675,8 +684,10 @@ krb5_fcc_read_addr(krb5_context context, krb5_ccache id, krb5_address *addr)
 
      return KRB5_OK;
  errout:
-     if (addr->contents)
+     if (addr->contents) {
         krb5_xfree(addr->contents);
+        addr->contents = NULL;
+     }
      return kret;
 }
 
@@ -804,15 +815,18 @@ krb5_fcc_read_authdata(krb5_context context, krb5_ccache id, krb5_authdata ***a)
          if ((*a)[i] == NULL) {
              krb5_free_authdata(context, *a);
              return KRB5_CC_NOMEM;
-         }       
+         }
+         (*a)[i]->contents = NULL;
          kret = krb5_fcc_read_authdatum(context, id, (*a)[i]);
          CHECK(kret);
      }
 
      return KRB5_OK;
  errout:
-     if (*a)
+     if (*a) {
         krb5_free_authdata(context, *a);
+        *a = NULL;
+     }
      return kret;
 }
 
@@ -853,8 +867,10 @@ krb5_fcc_read_authdatum(krb5_context context, krb5_ccache id, krb5_authdata *a)
     
      return KRB5_OK;
  errout:
-     if (a->contents)
+     if (a->contents) {
         krb5_xfree(a->contents);
+        a->contents = NULL;
+     }
      return kret;
     
 }