From: Tom Yu Date: Tue, 12 Dec 2006 23:37:48 +0000 (+0000) Subject: pull up r18935 from trunk X-Git-Tag: krb5-1.6-beta2~28 X-Git-Url: http://git.tremily.us/?a=commitdiff_plain;h=b7201bc348920714ea1994a84a656e62589a2af5;p=krb5.git pull up r18935 from trunk r18935@cathode-dark-space: coffman | 2006-12-08 16:02:02 -0500 ticket: new subject: Don't leak padata when looping for krb5_do_preauth_tryagain() component: krb5-libs Target_Version: 1.6 Tags: pullup * src/lib/krb5/krb/get_in_tkt.c: krb5_get_init_creds() Free any existing request.padata at the top of the loop calling krb5_do_preauth() and krb5_do_preauth_tryagain(). ticket: 5032 version_fixed: 1.6 git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-6@18944 dc483132-0cff-0310-8789-dd5450dbe970 --- diff --git a/src/lib/krb5/krb/get_in_tkt.c b/src/lib/krb5/krb/get_in_tkt.c index 9cf022fe8..80baf41ce 100644 --- a/src/lib/krb5/krb/get_in_tkt.c +++ b/src/lib/krb5/krb/get_in_tkt.c @@ -1097,12 +1097,12 @@ krb5_get_init_creds(krb5_context context, /* now, loop processing preauth data and talking to the kdc */ for (loopcount = 0; loopcount < MAX_IN_TKT_LOOPS; loopcount++) { + if (request.padata) { + krb5_free_pa_data(context, request.padata); + request.padata = NULL; + } if (!err_reply) { /* either our first attempt, or retrying after PREAUTH_NEEDED */ - if (request.padata) { - krb5_free_pa_data(context, request.padata); - request.padata = NULL; - } if ((ret = krb5_do_preauth(context, &request, encoded_request_body,