* rd_cred.c (decrypt_credencdata): Clear and free ppart to avoid
leak. Reported by Derrick Schommer.
ticket: new
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16772
dc483132-0cff-0310-8789-
dd5450dbe970
+2004-09-21 Tom Yu <tlyu@mit.edu>
+
+ * rd_cred.c (decrypt_credencdata): Clear and free ppart to avoid
+ leak, reported by Derrick Schommer.
+
2004-08-31 Tom Yu <tlyu@mit.edu>
* rd_rep.c:
static krb5_error_code
decrypt_credencdata(krb5_context context, krb5_cred *pcred, krb5_keyblock *pkeyblock, krb5_cred_enc_part *pcredenc)
{
- krb5_cred_enc_part * ppart;
+ krb5_cred_enc_part * ppart = NULL;
krb5_error_code retval;
krb5_data scratch;
retval = 0;
cleanup:
+ if (ppart != NULL) {
+ memset(ppart, 0, sizeof(*ppart));
+ krb5_xfree(ppart);
+ }
memset(scratch.data, 0, scratch.length);
krb5_xfree(scratch.data);