pull up r19582 from trunk

 r19582@cathode-dark-space:  tlyu | 2007-06-18 17:07:37 -0400
 ticket: new
 subject: krb5_walk_realm_tree leaks in capaths case
 target_version: 1.6.2
 tags: pullup

 Markus Moeller reports a leak in krb5_get_credentials() which was then
 traced down to profile strings leaking from within
 krb5_walk_realm_tree().  A pointer to a profile string was getting
 overwritten without the string being freed when *cap_nodes[0] == '.'.
 Fix is to free the string prior to overwriting the pointer if the
 pointer is non-null.

ticket: 5579
version_fixed: 1.6.2

git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-6@19593 dc483132-0cff-0310-8789-dd5450dbe970

diff --git a/src/lib/krb5/krb/walk_rtree.c b/src/lib/krb5/krb/walk_rtree.c
index 7210be7c716c33b80fb913b85e6a9617acdee0ef..c4673caa8c67b2f03a7696ff9ff602359de85f03 100644 (file)
--- a/src/lib/krb5/krb/walk_rtree.c
+++ b/src/lib/krb5/krb/walk_rtree.c
@@ -167,6 +167,9 @@ krb5_walk_realm_tree(krb5_context context, const krb5_data *client, const krb5_d
                links++;
            }
        }
+       if (cap_nodes[links] != NULL)
+           krb5_xfree(cap_nodes[links]);
+
        cap_nodes[links] = cap_server; /* put server on end of list */
        /* this simplifies the code later and make */
        /* cleanup eaiser as well */