Use gssalloc memory management where appropriate
authorSam Hartman <hartmans@mit.edu>
Fri, 14 Oct 2011 14:40:10 +0000 (14:40 +0000)
committerSam Hartman <hartmans@mit.edu>
Fri, 14 Oct 2011 14:40:10 +0000 (14:40 +0000)
gss_buffer_t may be freed in a different module from where they
are allocated so it is not safe to use strdup/malloc/calloc/free.
similarly, gss_OID_set need to use gssalloc functions.

Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com>
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25332 dc483132-0cff-0310-8789-dd5450dbe970

17 files changed:
src/appl/gss-sample/gss-server.c
src/lib/gssapi/generic/oid_ops.c
src/lib/gssapi/generic/rel_buffer.c
src/lib/gssapi/generic/rel_oid_set.c
src/lib/gssapi/generic/util_buffer.c
src/lib/gssapi/krb5/accept_sec_context.c
src/lib/gssapi/krb5/gssapi_krb5.c
src/lib/gssapi/krb5/init_sec_context.c
src/lib/gssapi/krb5/k5seal.c
src/lib/gssapi/krb5/k5sealv3.c
src/lib/gssapi/krb5/k5unseal.c
src/lib/gssapi/krb5/util_crypt.c
src/lib/gssapi/mechglue/g_dsp_status.c
src/lib/gssapi/mechglue/g_glue.c
src/lib/gssapi/mechglue/g_rel_buffer.c
src/lib/gssapi/mechglue/g_rel_name.c
src/lib/gssapi/mechglue/g_wrap_aead.c

index d914933127da49080293247ab0087c6025d7f45b..2e56e06ab0202d35683c95d7a98994e8f8b4ed54 100644 (file)
@@ -415,13 +415,14 @@ test_import_export_context(gss_ctx_id_t *context)
 static int
 sign_server(int s, gss_cred_id_t server_creds, int export)
 {
-    gss_buffer_desc client_name, xmit_buf, msg_buf;
+    gss_buffer_desc client_name, recv_buf, unwrap_buf, mic_buf, *msg_buf, *send_buf;
     gss_ctx_id_t context;
     OM_uint32 maj_stat, min_stat;
     int     i, conf_state;
     OM_uint32 ret_flags;
     char   *cp;
     int     token_flags;
+    int     send_flags;
 
     /* Establish a context with the client */
     if (server_establish_context(s, server_creds, &context,
@@ -444,22 +445,22 @@ sign_server(int s, gss_cred_id_t server_creds, int export)
 
     do {
         /* Receive the message token */
-        if (recv_token(s, &token_flags, &xmit_buf) < 0)
+        if (recv_token(s, &token_flags, &recv_buf) < 0)
             return (-1);
 
         if (token_flags & TOKEN_NOOP) {
             if (logfile)
                 fprintf(logfile, "NOOP token\n");
-            if (xmit_buf.value) {
-                free(xmit_buf.value);
-                xmit_buf.value = 0;
+            if (recv_buf.value) {
+                free(recv_buf.value);
+                recv_buf.value = 0;
             }
             break;
         }
 
         if (verbose && logfile) {
             fprintf(logfile, "Message token (flags=%d):\n", token_flags);
-            print_token(&xmit_buf);
+            print_token(&recv_buf);
         }
 
         if ((context == GSS_C_NO_CONTEXT) &&
@@ -468,77 +469,81 @@ sign_server(int s, gss_cred_id_t server_creds, int export)
             if (logfile)
                 fprintf(logfile,
                         "Unauthenticated client requested authenticated services!\n");
-            if (xmit_buf.value) {
-                free(xmit_buf.value);
-                xmit_buf.value = 0;
+            if (recv_buf.value) {
+                free(recv_buf.value);
+                recv_buf.value = 0;
             }
             return (-1);
         }
 
         if (token_flags & TOKEN_WRAPPED) {
-            maj_stat = gss_unwrap(&min_stat, context, &xmit_buf, &msg_buf,
+            maj_stat = gss_unwrap(&min_stat, context, &recv_buf, &unwrap_buf,
                                   &conf_state, (gss_qop_t *) NULL);
             if (maj_stat != GSS_S_COMPLETE) {
                 display_status("unsealing message", maj_stat, min_stat);
-                if (xmit_buf.value) {
-                    free(xmit_buf.value);
-                    xmit_buf.value = 0;
+                if (recv_buf.value) {
+                    free(recv_buf.value);
+                    recv_buf.value = 0;
                 }
                 return (-1);
             } else if (!conf_state && (token_flags & TOKEN_ENCRYPTED)) {
                 fprintf(stderr, "Warning!  Message not encrypted.\n");
             }
 
-            if (xmit_buf.value) {
-                free(xmit_buf.value);
-                xmit_buf.value = 0;
+            if (recv_buf.value) {
+                free(recv_buf.value);
+                recv_buf.value = 0;
             }
+            msg_buf = &unwrap_buf;
         } else {
-            msg_buf = xmit_buf;
+            unwrap_buf.value = NULL;
+            unwrap_buf.length = 0;
+            msg_buf = &recv_buf;
         }
 
         if (logfile) {
             fprintf(logfile, "Received message: ");
-            cp = msg_buf.value;
+            cp = msg_buf->value;
             if ((isprint((int) cp[0]) || isspace((int) cp[0])) &&
                 (isprint((int) cp[1]) || isspace((int) cp[1]))) {
-                fprintf(logfile, "\"%.*s\"\n", (int) msg_buf.length,
-                        (char *) msg_buf.value);
+                fprintf(logfile, "\"%.*s\"\n", (int) msg_buf->length,
+                        (char *) msg_buf->value);
             } else {
                 fprintf(logfile, "\n");
-                print_token(&msg_buf);
+                print_token(msg_buf);
             }
         }
 
         if (token_flags & TOKEN_SEND_MIC) {
             /* Produce a signature block for the message */
             maj_stat = gss_get_mic(&min_stat, context, GSS_C_QOP_DEFAULT,
-                                   &msg_buf, &xmit_buf);
+                                   msg_buf, &mic_buf);
             if (maj_stat != GSS_S_COMPLETE) {
                 display_status("signing message", maj_stat, min_stat);
                 return (-1);
             }
+            send_flags = TOKEN_MIC;
+            send_buf = &mic_buf;
+        } else {
+            mic_buf.value = NULL;
+            mic_buf.length = 0;
+            send_flags = TOKEN_NOOP;
+            send_buf = empty_token;
+        }
+        if (recv_buf.value) {
+            free(recv_buf.value);
+            recv_buf.value = NULL;
+        }
+        if (unwrap_buf.value) {
+            gss_release_buffer(&min_stat, &unwrap_buf);
+        }
 
-            if (msg_buf.value) {
-                free(msg_buf.value);
-                msg_buf.value = 0;
-            }
-
-            /* Send the signature block to the client */
-            if (send_token(s, TOKEN_MIC, &xmit_buf) < 0)
-                return (-1);
+        /* Send the signature block or NOOP to the client */
+        if (send_token(s, send_flags, send_buf) < 0)
+            return (-1);
 
-            if (xmit_buf.value) {
-                free(xmit_buf.value);
-                xmit_buf.value = 0;
-            }
-        } else {
-            if (msg_buf.value) {
-                free(msg_buf.value);
-                msg_buf.value = 0;
-            }
-            if (send_token(s, TOKEN_NOOP, empty_token) < 0)
-                return (-1);
+        if (mic_buf.value) {
+            gss_release_buffer(&min_stat, &mic_buf);
         }
     } while (1 /* loop will break if NOOP received */ );
 
index c4235429518d0363ca8d9c237fd8f4fec6b94ed5..f507ccdc1eb043390770289acbf5e20fe6554668 100644 (file)
@@ -129,7 +129,7 @@ generic_gss_create_empty_oid_set(OM_uint32 *minor_status, gss_OID_set *oid_set)
 {
     *minor_status = 0;
 
-    if ((*oid_set = (gss_OID_set) malloc(sizeof(gss_OID_set_desc)))) {
+    if ((*oid_set = (gss_OID_set) gssalloc_malloc(sizeof(gss_OID_set_desc)))) {
         memset(*oid_set, 0, sizeof(gss_OID_set_desc));
         return(GSS_S_COMPLETE);
     }
@@ -155,7 +155,7 @@ generic_gss_add_oid_set_member(OM_uint32 *minor_status,
 
     elist = (*oid_set)->elements;
     /* Get an enlarged copy of the array */
-    if (((*oid_set)->elements = (gss_OID) malloc(((*oid_set)->count+1) *
+    if (((*oid_set)->elements = (gss_OID) gssalloc_malloc(((*oid_set)->count+1) *
                                                  sizeof(gss_OID_desc)))) {
         /* Copy in the old junk */
         if (elist)
@@ -166,7 +166,7 @@ generic_gss_add_oid_set_member(OM_uint32 *minor_status,
         /* Duplicate the input element */
         lastel = &(*oid_set)->elements[(*oid_set)->count];
         if ((lastel->elements =
-             (void *) malloc((size_t) member_oid->length))) {
+             (void *) gssalloc_malloc((size_t) member_oid->length))) {
             /* Success - copy elements */
             memcpy(lastel->elements, member_oid->elements,
                    (size_t) member_oid->length);
@@ -176,12 +176,12 @@ generic_gss_add_oid_set_member(OM_uint32 *minor_status,
             /* Update count */
             (*oid_set)->count++;
             if (elist)
-                free(elist);
+                gssalloc_free(elist);
             *minor_status = 0;
             return(GSS_S_COMPLETE);
         }
         else
-            free((*oid_set)->elements);
+            gssalloc_free((*oid_set)->elements);
     }
     /* Failure - restore old contents of list */
     (*oid_set)->elements = elist;
@@ -270,9 +270,7 @@ generic_gss_oid_to_str(OM_uint32 *minor_status,
         *minor_status = ENOMEM;
         return(GSS_S_FAILURE);
     }
-    oid_str->length = krb5int_buf_len(&buf)+1;
-    oid_str->value = (void *) bp;
-    return(GSS_S_COMPLETE);
+    return k5buf_to_gss(minor_status, &buf, oid_str);
 }
 
 OM_uint32
@@ -517,13 +515,13 @@ generic_gss_copy_oid_set(OM_uint32 *minor_status,
     if (new_oidset == NULL)
         return (GSS_S_CALL_INACCESSIBLE_WRITE);
 
-    if ((copy = (gss_OID_set_desc *) calloc(1, sizeof (*copy))) == NULL) {
+    if ((copy = (gss_OID_set_desc *) gssalloc_calloc(1, sizeof (*copy))) == NULL) {
         major = GSS_S_FAILURE;
         goto done;
     }
 
     if ((copy->elements = (gss_OID_desc *)
-         calloc(oidset->count, sizeof (*copy->elements))) == NULL) {
+         gssalloc_calloc(oidset->count, sizeof (*copy->elements))) == NULL) {
         major = GSS_S_FAILURE;
         goto done;
     }
@@ -533,7 +531,7 @@ generic_gss_copy_oid_set(OM_uint32 *minor_status,
         gss_OID_desc *out = &copy->elements[i];
         gss_OID_desc *in = &oidset->elements[i];
 
-        if ((out->elements = (void *) malloc(in->length)) == NULL) {
+        if ((out->elements = (void *) gssalloc_malloc(in->length)) == NULL) {
             major = GSS_S_FAILURE;
             goto done;
         }
index fb671236300f164059c9c25d4ff648c7abe61965..44dc98157b79f0ef0c41437a64a70d9f01e12bf6 100644 (file)
@@ -48,7 +48,7 @@ generic_gss_release_buffer(
         return(GSS_S_COMPLETE);
 
     if (buffer->value) {
-        free(buffer->value);
+        gssalloc_free(buffer->value);
         buffer->length = 0;
         buffer->value = NULL;
     }
index 61c15cdab0faa712199aa81d16b219cd89b5ebf8..954542e40754873eddb4ee52199b6cda9ca58f7f 100644 (file)
@@ -50,10 +50,10 @@ generic_gss_release_oid_set(
         return(GSS_S_COMPLETE);
 
     for (i=0; i<(*set)->count; i++)
-        free((*set)->elements[i].elements);
+        gssalloc_free((*set)->elements[i].elements);
 
-    free((*set)->elements);
-    free(*set);
+    gssalloc_free((*set)->elements);
+    gssalloc_free(*set);
 
     *set = GSS_C_NULL_OID_SET;
 
index 81d86fc76095ed902210e6988f46f174460b7696..da2d8329137097c1651a8d0060a81404d995a7c5 100644 (file)
@@ -39,7 +39,7 @@ int g_make_string_buffer(const char *str, gss_buffer_t buffer)
 
     buffer->length = strlen(str);
 
-    if ((buffer->value = strdup(str)) == NULL) {
+    if ((buffer->value = gssalloc_strdup(str)) == NULL) {
         buffer->length = 0;
         return(0);
     }
index 40dfa8bd26604436899f79007cb08b94256d2fdb..7dca130d530c867dce9e6ca86a8d8812ee2f079d 100644 (file)
@@ -1109,9 +1109,12 @@ kg_accept_krb5(minor_status, context_handle,
             /* in order to force acceptor subkey to be used, don't set PROT_READY */
 
             /* Raw AP-REP is returned */
-            output_token->length = ap_rep.length;
-            output_token->value = ap_rep.data;
-            ap_rep.data = NULL; /* don't double free */
+            code = data_to_gss(&ap_rep, output_token);
+            if (code)
+            {
+                major_status = GSS_S_FAILURE;
+                goto fail;
+            }
 
             ctx->established = 0;
 
@@ -1128,7 +1131,7 @@ kg_accept_krb5(minor_status, context_handle,
 
         token.length = g_token_size(mech_used, ap_rep.length);
 
-        if ((token.value = (unsigned char *) xmalloc(token.length))
+        if ((token.value = (unsigned char *) gssalloc_malloc(token.length))
             == NULL) {
             major_status = GSS_S_FAILURE;
             code = ENOMEM;
index 48918b461bc08fe27e0ca959f15ea4a38b08b79c..068af434dff807985d9a374154b2f80212fc4a9c 100644 (file)
@@ -768,7 +768,7 @@ krb5_gss_localname(OM_uint32 *minor,
 
 
     krb5_free_context(context);
-    localname->value = strdup(lname);
+    localname->value = gssalloc_strdup(lname);
     localname->length = strlen(lname);
 
     return (code == 0) ? GSS_S_COMPLETE : GSS_S_FAILURE;
index 631840c8b2fa061bc3b2f66915208290b181c09c..1b8120c1d4fc16af71f3701f1c9865d5c15e27a7 100644 (file)
@@ -475,15 +475,14 @@ make_ap_req_v1(context, ctx, cred, k_cred, ad_context,
          * For DCE RPC, do not encapsulate the AP-REQ in the
          * typical GSS wrapping.
          */
-        token->length = ap_req.length;
-        token->value = ap_req.data;
-
-        ap_req.data = NULL; /* don't double free */
+        code = data_to_gss(&ap_req, token);
+        if (code)
+            goto cleanup;
     } else {
         /* allocate space for the token */
         tlen = g_token_size((gss_OID) mech_type, ap_req.length);
 
-        if ((t = (unsigned char *) xmalloc(tlen)) == NULL) {
+        if ((t = (unsigned char *) gssalloc_malloc(tlen)) == NULL) {
             code = ENOMEM;
             goto cleanup;
         }
@@ -880,8 +879,9 @@ mutual_auth(
         if (code)
             goto fail;
 
-        output_token->value = outbuf.data;
-        output_token->length = outbuf.length;
+        code = data_to_gss(&outbuf, output_token);
+        if (code)
+            goto fail;
     }
 
     /* set established */
index ad2a3cf9b8d44aaab60e095d5070561012df4fe4..41604dc4ed5aff1a40b5fd780f09394f45bdef5d 100644 (file)
@@ -112,7 +112,7 @@ make_seal_token_v1 (krb5_context context,
     }
     tlen = g_token_size((gss_OID) oid, 14+cksum_size+tmsglen);
 
-    if ((t = (unsigned char *) xmalloc(tlen)) == NULL)
+    if ((t = (unsigned char *) gssalloc_malloc(tlen)) == NULL)
         return(ENOMEM);
 
     /*** fill in the token */
@@ -159,14 +159,14 @@ make_seal_token_v1 (krb5_context context,
 
     code = krb5_c_checksum_length(context, md5cksum.checksum_type, &sumlen);
     if (code) {
-        xfree(t);
+        gssalloc_free(t);
         return(code);
     }
     md5cksum.length = sumlen;
 
 
     if ((plain = (unsigned char *) xmalloc(msglen ? msglen : 1)) == NULL) {
-        xfree(t);
+        gssalloc_free(t);
         return(ENOMEM);
     }
 
@@ -174,7 +174,7 @@ make_seal_token_v1 (krb5_context context,
         if ((code = kg_make_confounder(context, enc->keyblock.enctype,
                                        plain))) {
             xfree(plain);
-            xfree(t);
+            gssalloc_free(t);
             return(code);
         }
     }
@@ -188,7 +188,7 @@ make_seal_token_v1 (krb5_context context,
     if (! (data_ptr =
            (char *) xmalloc(8 + (bigend ? text->length : msglen)))) {
         xfree(plain);
-        xfree(t);
+        gssalloc_free(t);
         return(ENOMEM);
     }
     (void) memcpy(data_ptr, ptr-2, 8);
@@ -204,7 +204,7 @@ make_seal_token_v1 (krb5_context context,
 
     if (code) {
         xfree(plain);
-        xfree(t);
+        gssalloc_free(t);
         return(code);
     }
     switch(signalg) {
@@ -218,7 +218,7 @@ make_seal_token_v1 (krb5_context context,
         if (code) {
             krb5_free_checksum_contents(context, &md5cksum);
             xfree (plain);
-            xfree(t);
+            gssalloc_free(t);
             return code;
         }
 
@@ -249,7 +249,7 @@ make_seal_token_v1 (krb5_context context,
     if ((code = kg_make_seq_num(context, seq, direction?0:0xff,
                                 (krb5_ui_4)*seqnum, ptr+14, ptr+6))) {
         xfree (plain);
-        xfree(t);
+        gssalloc_free(t);
         return(code);
     }
 
@@ -265,7 +265,7 @@ make_seal_token_v1 (krb5_context context,
             if (code)
             {
                 xfree(plain);
-                xfree(t);
+                gssalloc_free(t);
                 return(code);
             }
             assert (enc_key->length == 16);
@@ -279,7 +279,7 @@ make_seal_token_v1 (krb5_context context,
             if (code)
             {
                 xfree(plain);
-                xfree(t);
+                gssalloc_free(t);
                 return(code);
             }
         }
@@ -290,7 +290,7 @@ make_seal_token_v1 (krb5_context context,
                                    (krb5_pointer) (ptr+cksum_size+14),
                                    tmsglen))) {
                 xfree(plain);
-                xfree(t);
+                gssalloc_free(t);
                 return(code);
             }
         }
index f050f6deaba0e2a7bfe388618c5b86226d416bbd..ac3d44d8f3e9c60d37df26cddc71ea114716abfd 100644 (file)
@@ -136,7 +136,7 @@ gss_krb5int_make_seal_token_v3 (krb5_context context,
         /* Get size of ciphertext.  */
         bufsize = 16 + krb5_encrypt_size (plain.length, key->keyblock.enctype);
         /* Allocate space for header plus encrypted data.  */
-        outbuf = malloc(bufsize);
+        outbuf = gssalloc_malloc(bufsize);
         if (outbuf == NULL) {
             free(plain.data);
             return ENOMEM;
@@ -204,7 +204,7 @@ gss_krb5int_make_seal_token_v3 (krb5_context context,
         assert(cksumsize <= 0xffff);
 
         bufsize = 16 + message2->length + cksumsize;
-        outbuf = malloc(bufsize);
+        outbuf = gssalloc_malloc(bufsize);
         if (outbuf == NULL) {
             free(plain.data);
             plain.data = 0;
@@ -290,7 +290,7 @@ gss_krb5int_make_seal_token_v3 (krb5_context context,
     return 0;
 
 error:
-    free(outbuf);
+    gssalloc_free(outbuf);
     token->value = NULL;
     token->length = 0;
     return err;
@@ -401,13 +401,13 @@ gss_krb5int_unseal_token_v3(krb5_context *contextptr,
             cipher.ciphertext.length = bodysize - 16;
             cipher.ciphertext.data = (char *)ptr + 16;
             plain.length = bodysize - 16;
-            plain.data = malloc(plain.length);
+            plain.data = gssalloc_malloc(plain.length);
             if (plain.data == NULL)
                 goto no_mem;
             err = krb5_k_decrypt(context, key, key_usage, 0,
                                  &cipher, &plain);
             if (err) {
-                free(plain.data);
+                gssalloc_free(plain.data);
                 goto error;
             }
             /* Don't use bodysize here!  Use the fact that
@@ -424,7 +424,7 @@ gss_krb5int_unseal_token_v3(krb5_context *contextptr,
             message_buffer->value = plain.data;
             message_buffer->length = plain.length - ec - 16;
             if(message_buffer->length == 0) {
-                free(message_buffer->value);
+                gssalloc_free(message_buffer->value);
                 message_buffer->value = NULL;
             }
         } else {
@@ -467,7 +467,7 @@ gss_krb5int_unseal_token_v3(krb5_context *contextptr,
                 return GSS_S_BAD_SIG;
             }
             message_buffer->length = plain.length - 16;
-            message_buffer->value = malloc(message_buffer->length);
+            message_buffer->value = gssalloc_malloc(message_buffer->length);
             if (message_buffer->value == NULL)
                 goto no_mem;
             memcpy(message_buffer->value, plain.data, message_buffer->length);
index f864cc5ca3d38f2a1894a5b37b3bbf0534ca56d5..935198054d6b8ee1b0d3880e62d1d96d962f8d3c 100644 (file)
@@ -214,7 +214,7 @@ kg_unseal_v1(context, minor_status, ctx, ptr, bodysize, message_buffer,
         }
 
         if (token.length) {
-            if ((token.value = (void *) xmalloc(token.length)) == NULL) {
+            if ((token.value = (void *) gssalloc_malloc(token.length)) == NULL) {
                 if (sealalg != 0xffff)
                     xfree(plain);
                 *minor_status = ENOMEM;
@@ -272,7 +272,7 @@ kg_unseal_v1(context, minor_status, ctx, ptr, bodysize, message_buffer,
             if (sealalg != 0xffff)
                 xfree(plain);
             if (toktype == KG_TOK_SEAL_MSG)
-                xfree(token.value);
+                gssalloc_free(token.value);
             *minor_status = ENOMEM;
             return(GSS_S_FAILURE);
         }
@@ -293,7 +293,7 @@ kg_unseal_v1(context, minor_status, ctx, ptr, bodysize, message_buffer,
 
         if (code) {
             if (toktype == KG_TOK_SEAL_MSG)
-                xfree(token.value);
+                gssalloc_free(token.value);
             *minor_status = code;
             return(GSS_S_FAILURE);
         }
@@ -306,7 +306,7 @@ kg_unseal_v1(context, minor_status, ctx, ptr, bodysize, message_buffer,
         if (code) {
             krb5_free_checksum_contents(context, &md5cksum);
             if (toktype == KG_TOK_SEAL_MSG)
-                xfree(token.value);
+                gssalloc_free(token.value);
             *minor_status = code;
             return GSS_S_FAILURE;
         }
@@ -327,7 +327,7 @@ kg_unseal_v1(context, minor_status, ctx, ptr, bodysize, message_buffer,
             if (sealalg != 0xffff)
                 xfree(plain);
             if (toktype == KG_TOK_SEAL_MSG)
-                xfree(token.value);
+                gssalloc_free(token.value);
             *minor_status = code;
             return GSS_S_FAILURE;
         }
@@ -339,7 +339,7 @@ kg_unseal_v1(context, minor_status, ctx, ptr, bodysize, message_buffer,
             if (sealalg == 0)
                 xfree(plain);
             if (toktype == KG_TOK_SEAL_MSG)
-                xfree(token.value);
+                gssalloc_free(token.value);
             *minor_status = ENOMEM;
             return(GSS_S_FAILURE);
         }
@@ -364,7 +364,7 @@ kg_unseal_v1(context, minor_status, ctx, ptr, bodysize, message_buffer,
             if (sealalg == 0)
                 xfree(plain);
             if (toktype == KG_TOK_SEAL_MSG)
-                xfree(token.value);
+                gssalloc_free(token.value);
             *minor_status = code;
             return(GSS_S_FAILURE);
         }
@@ -387,7 +387,7 @@ kg_unseal_v1(context, minor_status, ctx, ptr, bodysize, message_buffer,
             if (sealalg != 0xffff)
                 xfree(plain);
             if (toktype == KG_TOK_SEAL_MSG)
-                xfree(token.value);
+                gssalloc_free(token.value);
             *minor_status = ENOMEM;
             return(GSS_S_FAILURE);
         }
@@ -408,7 +408,7 @@ kg_unseal_v1(context, minor_status, ctx, ptr, bodysize, message_buffer,
 
         if (code) {
             if (toktype == KG_TOK_SEAL_MSG)
-                xfree(token.value);
+                gssalloc_free(token.value);
             *minor_status = code;
             return(GSS_S_FAILURE);
         }
@@ -425,7 +425,7 @@ kg_unseal_v1(context, minor_status, ctx, ptr, bodysize, message_buffer,
 
     if (code) {
         if (toktype == KG_TOK_SEAL_MSG)
-            xfree(token.value);
+            gssalloc_free(token.value);
         *minor_status = 0;
         return(GSS_S_BAD_SIG);
     }
@@ -447,7 +447,7 @@ kg_unseal_v1(context, minor_status, ctx, ptr, bodysize, message_buffer,
     if ((ctx->initiate && direction != 0xff) ||
         (!ctx->initiate && direction != 0)) {
         if (toktype == KG_TOK_SEAL_MSG) {
-            xfree(token.value);
+            gssalloc_free(token.value);
             message_buffer->value = NULL;
             message_buffer->length = 0;
         }
index 0063817796bd0d46de6aa5900e36b8a1cb352cc9..b7b4a0a605ec44a439b6b9cc5dd1b29eb80bfc4b 100644 (file)
@@ -661,7 +661,7 @@ kg_release_iov(gss_iov_buffer_desc *iov, int iov_count)
 
     for (i = 0; i < iov_count; i++) {
         if (iov[i].type & GSS_IOV_BUFFER_FLAG_ALLOCATED) {
-            free(iov[i].buffer.value);
+            gssalloc_free(iov[i].buffer.value);
             iov[i].buffer.length = 0;
             iov[i].buffer.value = NULL;
             iov[i].type &= ~(GSS_IOV_BUFFER_FLAG_ALLOCATED);
@@ -761,7 +761,7 @@ kg_allocate_iov(gss_iov_buffer_t iov, size_t size)
     assert(iov->type & GSS_IOV_BUFFER_FLAG_ALLOCATE);
 
     iov->buffer.length = size;
-    iov->buffer.value = xmalloc(size);
+    iov->buffer.value = gssalloc_malloc(size);
     if (iov->buffer.value == NULL) {
         iov->buffer.length = 0;
         return ENOMEM;
index 13f104bea85bdf0f45374b935f7768d0d3e6c976..0df34be16fcc7376f19918129544bbc37306439d 100644 (file)
@@ -84,7 +84,7 @@ gss_buffer_t          status_string;
        mapped to a flat numbering space.  Look up the value we got
        passed.  If it's not found, complain.  */
     if (status_value == 0) {
-       status_string->value = strdup("Unknown error");
+       status_string->value = gssalloc_strdup("Unknown error");
        if (status_string->value == NULL) {
            *minor_status = ENOMEM;
            map_errcode(minor_status);
@@ -353,7 +353,7 @@ gss_buffer_t outStr;
 
        /* now copy the status code and return to caller */
        outStr->length = strlen(errStr);
-       outStr->value = strdup(errStr);
+       outStr->value = gssalloc_strdup(errStr);
        if (outStr->value == NULL) {
                outStr->length = 0;
                return (GSS_S_FAILURE);
index 90febd5b9b6b56f98e29701a0e6db0956ae34ac0..20485239e169b2998c5ea2960c25121df70a7b82 100644 (file)
@@ -724,7 +724,7 @@ gssint_create_copy_buffer(srcBuf, destBuf, addNullChar)
     else
        len = srcBuf->length;
 
-    if (!(aBuf->value = (void*)malloc(len))) {
+    if (!(aBuf->value = (void*)gssalloc_malloc(len))) {
        free(aBuf);
        return (GSS_S_FAILURE);
     }
index c1104fd8ae9f735620732704d99201c7c8aab424..8c3328acc5a671217b1804b97a917b23c453f20b 100644 (file)
@@ -49,7 +49,7 @@ gss_buffer_t          buffer;
 
     if ((buffer->length) &&
        (buffer->value)) {
-           free(buffer->value);
+           gssalloc_free(buffer->value);
            buffer->length = 0;
            buffer->value = NULL;
     }
index e8ac6c34a4c0c1d677d5f5caa013aa5f099787c1..e00869238323f4093d6d5d4f310482a8a0852439 100644 (file)
@@ -70,7 +70,7 @@ gss_name_t *          input_name;
 
     if (union_name->external_name != GSS_C_NO_BUFFER) {
        if (union_name->external_name->value != NULL)
-           free(union_name->external_name->value);
+           gssalloc_free(union_name->external_name->value);
        free(union_name->external_name);
     }
 
index 7c059b469136541d00f0fd9c5e284fe3dbfa764f..ca1ef122e6f5c7d7e568d5e66e956832f50162ff 100644 (file)
@@ -125,7 +125,7 @@ gssint_wrap_aead_iov_shim(gss_mechanism mech,
        output_message_buffer->length += iov[i].buffer.length;
     }
 
-    output_message_buffer->value = malloc(output_message_buffer->length);
+    output_message_buffer->value = gssalloc_malloc(output_message_buffer->length);
     if (output_message_buffer->value == NULL) {
        *minor_status = ENOMEM;
        return GSS_S_FAILURE;