From: Tom Yu <tlyu@mit.edu>
Date: Mon, 18 Jun 2007 21:07:37 +0000 (+0000)
Subject: krb5_walk_realm_tree leaks in capaths case
X-Git-Tag: krb5-1.7-alpha1~1086
X-Git-Url: http://git.tremily.us/?a=commitdiff_plain;h=073cf9a9bcbe0f194990fcf199bad688f161a6c7;p=krb5.git

krb5_walk_realm_tree leaks in capaths case

Markus Moeller reports a leak in krb5_get_credentials() which was then
traced down to profile strings leaking from within
krb5_walk_realm_tree().  A pointer to a profile string was getting
overwritten without the string being freed when *cap_nodes[0] == '.'.
Fix is to free the string prior to overwriting the pointer if the
pointer is non-null.

ticket: new
target_version: 1.6.2
tags: pullup

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19582 dc483132-0cff-0310-8789-dd5450dbe970
---

diff --git a/src/lib/krb5/krb/walk_rtree.c b/src/lib/krb5/krb/walk_rtree.c
index 7210be7c7..c4673caa8 100644
--- a/src/lib/krb5/krb/walk_rtree.c
+++ b/src/lib/krb5/krb/walk_rtree.c
@@ -167,6 +167,9 @@ krb5_walk_realm_tree(krb5_context context, const krb5_data *client, const krb5_d
 		links++;
 	    }
 	}
+	if (cap_nodes[links] != NULL)
+	    krb5_xfree(cap_nodes[links]);
+
 	cap_nodes[links] = cap_server; /* put server on end of list */
 	/* this simplifies the code later and make */
 	/* cleanup eaiser as well */