Don't leak the mechanism internal context when we get an error in the
authorGreg Hudson <ghudson@mit.edu>
Tue, 22 Feb 2011 20:30:24 +0000 (20:30 +0000)
committerGreg Hudson <ghudson@mit.edu>
Tue, 22 Feb 2011 20:30:24 +0000 (20:30 +0000)
mechglue's gss_accept_sec_context.

From aberry@likewise.com.

ticket: 6813

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24645 dc483132-0cff-0310-8789-dd5450dbe970

src/lib/gssapi/mechglue/g_accept_sec_context.c

index d585de78776301f459f13d7155afd45dcb0b12cc..cf21c151343c966e01fe567aa5dee7624f8fb877 100644 (file)
@@ -352,9 +352,14 @@ error_out:
            if (union_ctx_id->mech_type->elements)
                free(union_ctx_id->mech_type->elements);
            free(union_ctx_id->mech_type);
-           *context_handle = GSS_C_NO_CONTEXT;
+       }
+       if (union_ctx_id->internal_ctx_id && mech->gss_delete_sec_context) {
+           mech->gss_delete_sec_context(&temp_minor_status,
+                                        &union_ctx_id->internal_ctx_id,
+                                        GSS_C_NO_BUFFER);
        }
        free(union_ctx_id);
+       *context_handle = GSS_C_NO_CONTEXT;
     }
 
     if (src_name)