Fix multiple tl-data updates over iprop

krb5_dbe_update_tl_data() accepts a single read-only tl-data entry,
but ulog_conv_2dbentry() expects it to process a full list.  Fix
ulog_conv_2dbentry() to call krb5_db2_update_tl_data() on each entry
individually, simplifying its memory management in the process.

ticket: 6913
target_version: 1.9.2
tags: pullup

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24937 dc483132-0cff-0310-8789-dd5450dbe970

diff --git a/src/lib/kdb/kdb_convert.c b/src/lib/kdb/kdb_convert.c
index 7e97a9eefdefa8037cf18ad1796e138ba972b3f3..f08d4233b707aeda5c5ff1342b35c49266137b8f 100644 (file)
--- a/src/lib/kdb/kdb_convert.c
+++ b/src/lib/kdb/kdb_convert.c
@@ -585,7 +585,7 @@ ulog_conv_2dbentry(krb5_context context, krb5_db_entry **entry,
     int i, j, cnt = 0, mod_time = 0, nattrs;
     krb5_principal dbprinc;
     char *dbprincstr = NULL;
-    krb5_tl_data *newtl = NULL;
+    krb5_tl_data newtl;
     krb5_error_code ret;
     unsigned int prev_n_keys = 0;
     krb5_boolean is_add;
@@ -732,40 +732,13 @@ ulog_conv_2dbentry(krb5_context context, krb5_db_entry **entry,
             break;
 
         case AT_TL_DATA: {
-            int t;
-
-            cnt = u.av_tldata.av_tldata_len;
-            newtl = calloc(cnt, sizeof (krb5_tl_data));
-            if (newtl == NULL)
-                return (ENOMEM);
-
-            for (j = 0, t = 0; j < cnt; j++) {
-                newtl[t].tl_data_type = (krb5_int16)u.av_tldata.av_tldata_val[j].tl_type;
-                newtl[t].tl_data_length = (krb5_int16)u.av_tldata.av_tldata_val[j].tl_data.tl_data_len;
-                newtl[t].tl_data_contents = malloc(newtl[t].tl_data_length * sizeof (krb5_octet));
-                if (newtl[t].tl_data_contents == NULL)
-                    /* XXX Memory leak: newtl
-                       and previously
-                       allocated elements.  */
-                    return (ENOMEM);
-
-                (void) memcpy(newtl[t].tl_data_contents, u.av_tldata.av_tldata_val[t].tl_data.tl_data_val, newtl[t].tl_data_length);
-                newtl[t].tl_data_next = NULL;
-                if (t > 0)
-                    newtl[t - 1].tl_data_next = &newtl[t];
-                t++;
-            }
-
-            if ((ret = krb5_dbe_update_tl_data(context, ent, newtl)))
-                return (ret);
-            for (j = 0; j < t; j++)
-                if (newtl[j].tl_data_contents) {
-                    free(newtl[j].tl_data_contents);
-                    newtl[j].tl_data_contents = NULL;
-                }
-            if (newtl) {
-                free(newtl);
-                newtl = NULL;
+            for (j = 0; j < (int)u.av_tldata.av_tldata_len; j++) {
+                newtl.tl_data_type = (krb5_int16)u.av_tldata.av_tldata_val[j].tl_type;
+                newtl.tl_data_length = (krb5_int16)u.av_tldata.av_tldata_val[j].tl_data.tl_data_len;
+                newtl.tl_data_contents = (krb5_octet *)u.av_tldata.av_tldata_val[j].tl_data.tl_data_val;
+                newtl.tl_data_next = NULL;
+                if ((ret = krb5_dbe_update_tl_data(context, ent, &newtl)))
+                    return (ret);
             }
             break;
 /* END CSTYLED */