Fix memory leak caught by valgrind
authorKen Raeburn <raeburn@mit.edu>
Mon, 24 Nov 2008 19:19:14 +0000 (19:19 +0000)
committerKen Raeburn <raeburn@mit.edu>
Mon, 24 Nov 2008 19:19:14 +0000 (19:19 +0000)
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21179 dc483132-0cff-0310-8789-dd5450dbe970

src/lib/krb5/krb/rd_req_dec.c

index 653afa0dba4015530abec61e93dd100336c13d88..b81266d2646f04401d99868eb189e9609b50639f 100644 (file)
@@ -2,7 +2,7 @@
  * lib/krb5/krb/rd_req_dec.c
  *
  * Copyright (c) 1994 CyberSAFE Corporation.
- * Copyright 1990,1991,2007 by the Massachusetts Institute of Technology.
+ * Copyright 1990,1991,2007,2008 by the Massachusetts Institute of Technology.
  * All Rights Reserved.
  *
  * Export of this software from the United States of America may
@@ -302,25 +302,33 @@ krb5_rd_req_decoded_opt(krb5_context context, krb5_auth_context *auth_context,
        /* no etype check needed */;
     } else if ((*auth_context)->permitted_etypes == NULL) {
        int etype;
-        size_t size_etype_enc = 3 * sizeof(krb5_enctype); /*  upto three types */
+        size_t size_etype_enc = 3 * sizeof(krb5_enctype); /* upto three types */
         size_t size_etype_bool = 3 * sizeof(krb5_boolean);
         krb5_etypes_permitted etypes;
         memset(&etypes, 0, sizeof etypes);
 
-        etypes.etype = (krb5_enctype*) malloc( size_etype_enc );
-        etypes.etype_ok = (krb5_boolean*) malloc( size_etype_bool );
-        memset(etypes.etype, 0, size_etype_enc );
-        memset(etypes.etype_ok, 0, size_etype_bool );
+        etypes.etype = (krb5_enctype*) malloc(size_etype_enc);
+       if (etypes.etype == NULL) {
+           retval = ENOMEM;
+           goto cleanup;
+       }
+        etypes.etype_ok = (krb5_boolean*) malloc(size_etype_bool);
+       if (etypes.etype_ok == NULL) {
+           retval = ENOMEM;
+           free(etypes.etype);
+           goto cleanup;
+       }
+        memset(etypes.etype, 0, size_etype_enc);
+        memset(etypes.etype_ok, 0, size_etype_bool);
 
         etypes.etype[etypes.etype_count++] = req->ticket->enc_part.enctype;
         etypes.etype[etypes.etype_count++] = req->ticket->enc_part2->session->enctype;
-        if ( (*auth_context)->authentp->subkey) {
+        if ((*auth_context)->authentp->subkey) {
             etypes.etype[etypes.etype_count++] = (*auth_context)->authentp->subkey->enctype;
         }
 
         retval = krb5_is_permitted_enctype_ext(context, &etypes);
 
-
 #if 0
        /* check against the default set */
        if ((!krb5_is_permitted_enctype(context,
@@ -331,25 +339,21 @@ krb5_rd_req_decoded_opt(krb5_context context, krb5_auth_context *auth_context,
             !krb5_is_permitted_enctype(context,
                                        etype = (*auth_context)->authentp->subkey->enctype))) {
 #endif
-        if  ( retval == 0  /* all etypes  are not permitted */ ||  
-              ( !etypes.etype_ok[0] || !etypes.etype_ok[1] ||
-              (((*auth_context)->authentp->subkey) && !etypes.etype_ok[etypes.etype_count-1])))
-        {
+        if  (retval == 0  /* all etypes are not permitted */ ||
+              (!etypes.etype_ok[0] || !etypes.etype_ok[1] ||
+              (((*auth_context)->authentp->subkey) && !etypes.etype_ok[etypes.etype_count-1]))) {
             char enctype_name[30];
             retval = KRB5_NOPERM_ETYPE;
 
-            if (  !etypes.etype_ok[0] )
-            {
-                etype =  etypes.etype[1];
-            }
-            else if (  !etypes.etype_ok[1] )
-            {
-                etype =  etypes.etype[1];
-            }
-            else
-            {
-                etype =  etypes.etype[2];
+            if (!etypes.etype_ok[0]) {
+                etype = etypes.etype[1];
+            } else if (!etypes.etype_ok[1]) {
+                etype = etypes.etype[1];
+            } else {
+                etype = etypes.etype[2];
             }
+           free(etypes.etype);
+           free(etypes.etype_ok);
 
            if (krb5_enctype_to_string(etype, enctype_name, sizeof(enctype_name)) == 0)
                krb5_set_error_message(context, retval,
@@ -357,6 +361,8 @@ krb5_rd_req_decoded_opt(krb5_context context, krb5_auth_context *auth_context,
                                       enctype_name);
            goto cleanup;
        }
+       free(etypes.etype);
+       free(etypes.etype_ok);
     } else {
        /* check against the set in the auth_context */
        int i;