Thanks, similar patch applied

	* set_ccache.c (gss_krb5_ccache_name): Don't return a pointer to
	freed memory.

ticket: 1346

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15205 dc483132-0cff-0310-8789-dd5450dbe970

diff --git a/src/lib/gssapi/krb5/ChangeLog b/src/lib/gssapi/krb5/ChangeLog
index 26afbfa723831fa429aa771f26ca3c7508a76ec4..65ecfc1f57bb2b34c262290a659c9abc2426c882 100644 (file)
--- a/src/lib/gssapi/krb5/ChangeLog
+++ b/src/lib/gssapi/krb5/ChangeLog
@@ -1,3 +1,8 @@
+2003-02-25  Tom Yu  <tlyu@mit.edu>
+
+       * set_ccache.c (gss_krb5_ccache_name): Don't return a pointer to
+       freed memory.
+
 2003-02-24  Tom Yu  <tlyu@mit.edu>
 
        * gssapi_krb5.c (kg_get_defcred): Revert previous; it's probably

diff --git a/src/lib/gssapi/krb5/set_ccache.c b/src/lib/gssapi/krb5/set_ccache.c
index ced403d9cee2e9b609a76277c746c56463f5b701..9a612201b5b18a5a6c07741a9ed38ad5560a0b78 100644 (file)
--- a/src/lib/gssapi/krb5/set_ccache.c
+++ b/src/lib/gssapi/krb5/set_ccache.c
@@ -1,3 +1,33 @@
+/*
+ * lib/gssapi/krb5/set_ccache.c
+ *
+ * Copyright 1999, 2003 by the Massachusetts Institute of Technology.
+ * All Rights Reserved.
+ *
+ * Export of this software from the United States of America may
+ *   require a specific license from the United States Government.
+ *   It is the responsibility of any person or organization contemplating
+ *   export to obtain such a license before exporting.
+ * 
+ * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
+ * distribute this software and its documentation for any purpose and
+ * without fee is hereby granted, provided that the above copyright
+ * notice appear in all copies and that both that copyright notice and
+ * this permission notice appear in supporting documentation, and that
+ * the name of M.I.T. not be used in advertising or publicity pertaining
+ * to distribution of the software without specific, written prior
+ * permission.  Furthermore if you modify this software you must label
+ * your software as modified software and not distribute it in such a
+ * fashion that it might be confused with the original M.I.T. software.
+ * M.I.T. makes no representations about the suitability of
+ * this software for any purpose.  It is provided "as is" without express
+ * or implied warranty.
+ *
+ * Set ccache name used by gssapi, and optionally obtain old ccache
+ * name.  Caller should not free returned name.
+ */
+
+#include <string.h>
 #include "gssapiP_krb5.h"
 
 OM_uint32 KRB5_CALLCONV 
@@ -9,12 +39,27 @@ gss_krb5_ccache_name(minor_status, name, out_name)
        krb5_context context;
        krb5_error_code retval;
        OM_uint32 foo_stat;
+       static char *oldname = NULL;
+       const char *tmpname = NULL;
 
        if (GSS_ERROR(kg_get_context(minor_status, &context)))
                return (GSS_S_FAILURE);
 
-       if (out_name)
-               *out_name = krb5_cc_default_name(context);
+       if (out_name) {
+               if (oldname != NULL)
+                       free(oldname);
+               /*
+                * Save copy of previous default ccname, since
+                * cc_set_default_name will free it and we don't want
+                * to hang on to a pointer to freed memory.
+                */
+               tmpname = krb5_cc_default_name(context);
+               oldname = malloc(strlen(tmpname) + 1);
+               if (oldname == NULL)
+                       return GSS_S_FAILURE;
+               strcpy(oldname, tmpname);
+               *out_name = oldname;
+       }
 
        retval = krb5_cc_set_default_name(context, name);
        if (retval) {
@@ -24,7 +69,3 @@ gss_krb5_ccache_name(minor_status, name, out_name)
        kg_release_defcred(&foo_stat);
        return GSS_S_COMPLETE;
 }
-               
-
-       
-