Memory leak in kdc etype_info2 preauth

	* kdc_preauth.c (return_etype_info2): After encoding the
	etype_info2 and copying the pointers to the pa_data, free the
	krb5_data pointer.

Ticket: new
Target_Version: 1.3
Tags: pickup

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15483 dc483132-0cff-0310-8789-dd5450dbe970

diff --git a/src/kdc/ChangeLog b/src/kdc/ChangeLog
index 8e13108a485955152ad3efd4478e6b09e0fb8197..097fe7c9e37e102cdda54595bb23d86fb4a1fb0f 100644 (file)
--- a/src/kdc/ChangeLog
+++ b/src/kdc/ChangeLog
@@ -1,3 +1,9 @@
+2003-05-23  Ezra Peisach  <epeisach@mit.edu>
+
+       * kdc_preauth.c (return_etype_info2): After encoding the
+       etype_info2 and copying the pointers to the pa_data, free the
+       krb5_data pointer.
+
 2003-05-22  Sam Hartman  <hartmans@mit.edu>
 
        * do_tgs_req.c (process_tgs_req): LOG transited check disabled as info not error

diff --git a/src/kdc/kdc_preauth.c b/src/kdc/kdc_preauth.c
index 963a25b7b20b5cdc7804255c9af6fe823a305489..3dcced412c4c742e4024f24bdc6e322246ed18c6 100644 (file)
--- a/src/kdc/kdc_preauth.c
+++ b/src/kdc/kdc_preauth.c
@@ -763,15 +763,21 @@ return_etype_info2(krb5_context context, krb5_pa_data * padata,
     tmp_padata->contents = scratch->data;
     tmp_padata->length = scratch->length;
     *send_pa = tmp_padata;
+
+    /* For cleanup - we no longer own the contents of the krb5_data 
+     * only to pointer to the krb5_data
+     */
+    scratch->data = 0;
+
  cleanup:
     if (entry)
        krb5_free_etype_info(context, entry);
     if (retval) {
        if (tmp_padata)
            free(tmp_padata);
-       if (scratch)
-           krb5_free_data(context, scratch);
     }
+    if (scratch)
+           krb5_free_data(context, scratch);
     return retval;
 }