* init_sec_context.c (make_ap_req_v1): Free checksum data
authorTom Yu <tlyu@mit.edu>
Sat, 28 Aug 2004 01:23:19 +0000 (01:23 +0000)
committerTom Yu <tlyu@mit.edu>
Sat, 28 Aug 2004 01:23:19 +0000 (01:23 +0000)
allocated by make_gss_checksum() to avoid leak.

* k5sealv3.c (gss_krb5int_unseal_token_v3): Free plain.data after
checksum is verified, to avoid leak.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16696 dc483132-0cff-0310-8789-dd5450dbe970

src/lib/gssapi/krb5/ChangeLog
src/lib/gssapi/krb5/init_sec_context.c
src/lib/gssapi/krb5/k5sealv3.c

index ac27dec44acdfe7acaef51ca4e0dc582ec0c6e17..3237548d3bdc6f7b589ed8d857e7973207f0a86c 100644 (file)
@@ -1,3 +1,11 @@
+2004-08-27  Tom Yu  <tlyu@mit.edu>
+
+       * init_sec_context.c (make_ap_req_v1): Free checksum data
+       allocated by make_gss_checksum() to avoid leak.
+
+       * k5sealv3.c (gss_krb5int_unseal_token_v3): Free plain.data after
+       checksum is verified, to avoid leak.
+
 2004-08-26  Ken Raeburn  <raeburn@mit.edu>
 
        * acquire_cred.c (krb5_gss_acquire_cred): Call
index adc5ad918127b824192da8e9604c9526a90dcea0..3ffb5154d9a8645e86c2fedce38c43585f2dce26 100644 (file)
@@ -301,8 +301,10 @@ make_ap_req_v1(context, ctx, cred, k_cred, chan_bindings, mech_type, token)
     if (ctx->gss_flags & GSS_C_MUTUAL_FLAG)
        mk_req_flags |= AP_OPTS_MUTUAL_REQUIRED;
 
-    if ((code = krb5_mk_req_extended(context, &ctx->auth_context, mk_req_flags,
-                                    checksum_data, k_cred, &ap_req)))
+    code = krb5_mk_req_extended(context, &ctx->auth_context, mk_req_flags,
+                               checksum_data, k_cred, &ap_req);
+    krb5_free_data_contents(context, &cksum_struct.checksum_data);
+    if (code)
        goto cleanup;
 
    /* store the interesting stuff from creds and authent */
index 710c6f59dd22bfb96279fde86300a71db95671d8..9fa1bf755722bd5f40317a88d79e752f55237d61 100644 (file)
@@ -477,14 +477,14 @@ gss_krb5int_unseal_token_v3(krb5_context *contextptr,
        sum.checksum_type = ctx->cksumtype;
        err = krb5_c_verify_checksum(context, key, key_usage,
                                     &plain, &sum, &valid);
+       free(plain.data);
+       plain.data = NULL;
        if (err) {
        error:
-           free(plain.data);
            *minor_status = err;
            return GSS_S_BAD_SIG; /* XXX */
        }
        if (!valid) {
-           free(plain.data);
            *minor_status = 0;
            return GSS_S_BAD_SIG;
        }