From: Tom Yu <tlyu@mit.edu>
Date: Fri, 14 Dec 2007 05:01:07 +0000 (+0000)
Subject: fix CVE-2007-5971: double-free in gss_krb5int_make_seal_token_v3()
X-Git-Tag: krb5-1.7-alpha1~765
X-Git-Url: http://git.tremily.us/?a=commitdiff_plain;h=37b576d8561956162dcba324dd94f112c6a5b222;p=krb5.git

fix CVE-2007-5971: double-free in gss_krb5int_make_seal_token_v3()

ticket: 5856
target_version: 1.6.4
tags: pullup

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20180 dc483132-0cff-0310-8789-dd5450dbe970
---

diff --git a/src/lib/gssapi/krb5/k5sealv3.c b/src/lib/gssapi/krb5/k5sealv3.c
index 019f668c8..c8a168a17 100644
--- a/src/lib/gssapi/krb5/k5sealv3.c
+++ b/src/lib/gssapi/krb5/k5sealv3.c
@@ -248,7 +248,6 @@ gss_krb5int_make_seal_token_v3 (krb5_context context,
 	plain.data = 0;
 	if (err) {
 	    zap(outbuf,bufsize);
-	    free(outbuf);
 	    goto error;
 	}
 	if (sum.length != ctx->cksum_size)