From: Tom Yu <tlyu@mit.edu>
Date: Fri, 1 Dec 2006 20:57:04 +0000 (+0000)
Subject: 	* src/lib/krb5/ccache/cc_file.c: Adapted patch from Roland
X-Git-Tag: krb5-1.7-alpha1~1420
X-Git-Url: http://git.tremily.us/?a=commitdiff_plain;h=2f87558821aa906d2b2afc4753d8ea9e6121717f;p=krb5.git

	* src/lib/krb5/ccache/cc_file.c: Adapted patch from Roland
	Dowdeswell to avoid possible double-free conditions on certain
	errors.

ticket: 4788
tags: pullup
target_version: 1.6
component: krb5-libs

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18897 dc483132-0cff-0310-8789-dd5450dbe970
---

diff --git a/src/lib/krb5/ccache/cc_file.c b/src/lib/krb5/ccache/cc_file.c
index 5b11a0e01..c87fef4e0 100644
--- a/src/lib/krb5/ccache/cc_file.c
+++ b/src/lib/krb5/ccache/cc_file.c
@@ -443,6 +443,8 @@ krb5_fcc_read_principal(krb5_context context, krb5_ccache id, krb5_principal *pr
 
     k5_assert_locked(&((krb5_fcc_data *) id->data)->lock);
 
+    *princ = NULL;
+
     if (data->version == KRB5_FCC_FVNO_1) {
 	type = KRB5_NT_UNKNOWN;
     } else {
@@ -538,15 +540,18 @@ krb5_fcc_read_addrs(krb5_context context, krb5_ccache id, krb5_address ***addrs)
 	  if ((*addrs)[i] == NULL) {
 	      krb5_free_addresses(context, *addrs);
 	      return KRB5_CC_NOMEM;
-	  }	  
+	  }
+	  (*addrs)[i]->contents = NULL;
 	  kret = krb5_fcc_read_addr(context, id, (*addrs)[i]);
 	  CHECK(kret);
      }
 
      return KRB5_OK;
  errout:
-     if (*addrs)
+     if (*addrs) {
 	 krb5_free_addresses(context, *addrs);
+	 *addrs = NULL;
+     }
      return kret;
 }
 
@@ -593,8 +598,10 @@ krb5_fcc_read_keyblock(krb5_context context, krb5_ccache id, krb5_keyblock *keyb
 
      return KRB5_OK;
  errout:
-     if (keyblock->contents)
+     if (keyblock->contents) {
 	 krb5_xfree(keyblock->contents);
+	 keyblock->contents = NULL;
+     }
      return kret;
 }
 
@@ -632,8 +639,10 @@ krb5_fcc_read_data(krb5_context context, krb5_ccache id, krb5_data *data)
      data->data[data->length] = 0; /* Null terminate, just in case.... */
      return KRB5_OK;
  errout:
-     if (data->data)
+     if (data->data) {
 	 krb5_xfree(data->data);
+	 data->data = NULL;
+     }
      return kret;
 }
 
@@ -675,8 +684,10 @@ krb5_fcc_read_addr(krb5_context context, krb5_ccache id, krb5_address *addr)
 
      return KRB5_OK;
  errout:
-     if (addr->contents)
+     if (addr->contents) {
 	 krb5_xfree(addr->contents);
+	 addr->contents = NULL;
+     }
      return kret;
 }
 
@@ -804,15 +815,18 @@ krb5_fcc_read_authdata(krb5_context context, krb5_ccache id, krb5_authdata ***a)
 	  if ((*a)[i] == NULL) {
 	      krb5_free_authdata(context, *a);
 	      return KRB5_CC_NOMEM;
-	  }	  
+	  }
+	  (*a)[i]->contents = NULL;
 	  kret = krb5_fcc_read_authdatum(context, id, (*a)[i]);
 	  CHECK(kret);
      }
 
      return KRB5_OK;
  errout:
-     if (*a)
+     if (*a) {
 	 krb5_free_authdata(context, *a);
+	 *a = NULL;
+     }
      return kret;
 }
 
@@ -853,8 +867,10 @@ krb5_fcc_read_authdatum(krb5_context context, krb5_ccache id, krb5_authdata *a)
     
      return KRB5_OK;
  errout:
-     if (a->contents)
+     if (a->contents) {
 	 krb5_xfree(a->contents);
+	 a->contents = NULL;
+     }
      return kret;
     
 }