In tgs_construct_tgsreq, free scratch even if scratch->data is NULL.

(Which probably can't happen, but static analyzers don't know that.)
Also protect scratch from being freed before initialization.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22002 dc483132-0cff-0310-8789-dd5450dbe970

diff --git a/src/lib/krb5/krb/send_tgs.c b/src/lib/krb5/krb/send_tgs.c
index 9a10b92718a7ce4b91a8681fc7c2fe7a924c7ebb..7b53e086d313633b270cef7281f2600971aaaca1 100644 (file)
--- a/src/lib/krb5/krb/send_tgs.c
+++ b/src/lib/krb5/krb/send_tgs.c
@@ -55,7 +55,7 @@ tgs_construct_tgsreq(krb5_context context, krb5_data *in_data,
     krb5_checksum         checksum;
     krb5_authenticator           authent;
     krb5_ap_req          request;
-    krb5_data          * scratch;
+    krb5_data          * scratch = NULL;
     krb5_data           * toutbuf;
     checksum.contents = NULL;
 /* Generate subkey*/
@@ -123,8 +123,8 @@ if (request.ticket)
  if (scratch != NULL && scratch->data != NULL) { 
 zap(scratch->data,  scratch->length);
     free(scratch->data);
-    free(scratch);
  }
+ free(scratch);
 
  if (*subkey && retval != 0) {
      krb5_free_keyblock(context, *subkey);