+2004-08-27 Tom Yu <tlyu@mit.edu>
+
+ * init_sec_context.c (make_ap_req_v1): Free checksum data
+ allocated by make_gss_checksum() to avoid leak.
+
+ * k5sealv3.c (gss_krb5int_unseal_token_v3): Free plain.data after
+ checksum is verified, to avoid leak.
+
2004-08-26 Ken Raeburn <raeburn@mit.edu>
* acquire_cred.c (krb5_gss_acquire_cred): Call
if (ctx->gss_flags & GSS_C_MUTUAL_FLAG)
mk_req_flags |= AP_OPTS_MUTUAL_REQUIRED;
- if ((code = krb5_mk_req_extended(context, &ctx->auth_context, mk_req_flags,
- checksum_data, k_cred, &ap_req)))
+ code = krb5_mk_req_extended(context, &ctx->auth_context, mk_req_flags,
+ checksum_data, k_cred, &ap_req);
+ krb5_free_data_contents(context, &cksum_struct.checksum_data);
+ if (code)
goto cleanup;
/* store the interesting stuff from creds and authent */
sum.checksum_type = ctx->cksumtype;
err = krb5_c_verify_checksum(context, key, key_usage,
&plain, &sum, &valid);
+ free(plain.data);
+ plain.data = NULL;
if (err) {
error:
- free(plain.data);
*minor_status = err;
return GSS_S_BAD_SIG; /* XXX */
}
if (!valid) {
- free(plain.data);
*minor_status = 0;
return GSS_S_BAD_SIG;
}