avoid double frees in ccache manipulation around gen_new

* krb5/krb/vfy_increds.c (krb5_verify_init_creds): If krb5_cc_gen_new fails,
don't both close and destroy the template ccache.
* gssapi/krb5/accept_sec_context.c (rd_and_store_for_creds): Likewise.

ticket: new
target_version: 1.6
tags: pullup

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18815 dc483132-0cff-0310-8789-dd5450dbe970

diff --git a/src/lib/gssapi/krb5/accept_sec_context.c b/src/lib/gssapi/krb5/accept_sec_context.c
index ed4c3e22159dc3175735c8c97e09bf07c0d3a9f6..618b012f98b3b4af3aca5f4622373d72d5238e52 100644 (file)
--- a/src/lib/gssapi/krb5/accept_sec_context.c
+++ b/src/lib/gssapi/krb5/accept_sec_context.c
@@ -141,8 +141,10 @@ rd_and_store_for_creds(context, auth_context, inbuf, out_cred)
        goto cleanup;
 
     ccache = template_ccache; /* krb5_cc_gen_new will replace so make a copy */
-    if ((retval = krb5_cc_gen_new(context, &ccache)))
+    if ((retval = krb5_cc_gen_new(context, &ccache))) {
+       ccache = NULL;
         goto cleanup;
+    }
     
     if ((retval = krb5_cc_initialize(context, ccache, creds[0]->client)))
        goto cleanup;

diff --git a/src/lib/krb5/krb/vfy_increds.c b/src/lib/krb5/krb/vfy_increds.c
index 10a68f20ded91caab204e0dbfe3d1308e4777cb5..39fb1f083ec4a26b16a1fc52a704b1b731abffa8 100644 (file)
--- a/src/lib/krb5/krb/vfy_increds.c
+++ b/src/lib/krb5/krb/vfy_increds.c
@@ -143,9 +143,10 @@ krb5_verify_init_creds(krb5_context context,
       if ((ret = krb5_cc_resolve(context, "MEMORY:rd_req", &template_ccache)))
         goto cleanup;
       ccache = template_ccache; /* krb5_cc_gen_new will replace so make a copy */
-       
-      if ((ret = krb5_cc_gen_new(context, &ccache)))
-        goto cleanup;
+      if ((ret = krb5_cc_gen_new(context, &ccache))) {
+         ccache = NULL;
+         goto cleanup;
+      }
        
       if ((ret = krb5_cc_initialize(context, ccache, creds->client)))
         goto cleanup;