memory leak in rd_cred.c
authorTom Yu <tlyu@mit.edu>
Tue, 21 Sep 2004 20:48:39 +0000 (20:48 +0000)
committerTom Yu <tlyu@mit.edu>
Tue, 21 Sep 2004 20:48:39 +0000 (20:48 +0000)
* rd_cred.c (decrypt_credencdata): Clear and free ppart to avoid
leak.  Reported by Derrick Schommer.

ticket: new

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16772 dc483132-0cff-0310-8789-dd5450dbe970

src/lib/krb5/krb/ChangeLog
src/lib/krb5/krb/rd_cred.c

index c8ef25821f0df3609d31e3a4828f739aa09e8dbb..c16ad787a059b2b9b3d72acb65cd920c8300be0a 100644 (file)
@@ -1,3 +1,8 @@
+2004-09-21  Tom Yu  <tlyu@mit.edu>
+
+       * rd_cred.c (decrypt_credencdata): Clear and free ppart to avoid
+       leak, reported by Derrick Schommer.
+
 2004-08-31  Tom Yu  <tlyu@mit.edu>
 
        * rd_rep.c:
index 11be47f0506bc41c5a98b23320a3a2dce3745acb..a29eb052229ec7a920306cb6b5e4899c57b035d0 100644 (file)
@@ -14,7 +14,7 @@
 static krb5_error_code 
 decrypt_credencdata(krb5_context context, krb5_cred *pcred, krb5_keyblock *pkeyblock, krb5_cred_enc_part *pcredenc)
 {
-    krb5_cred_enc_part  * ppart;
+    krb5_cred_enc_part  * ppart = NULL;
     krb5_error_code      retval;
     krb5_data            scratch;
 
@@ -39,6 +39,10 @@ decrypt_credencdata(krb5_context context, krb5_cred *pcred, krb5_keyblock *pkeyb
     retval = 0;
 
 cleanup:
+    if (ppart != NULL) {
+       memset(ppart, 0, sizeof(*ppart));
+       krb5_xfree(ppart);
+    }
     memset(scratch.data, 0, scratch.length);
     krb5_xfree(scratch.data);