From: Ezra Peisach Date: Sat, 16 Aug 2008 13:03:30 +0000 (+0000) Subject: In parsing authorization data, if run out of memory, the authorization X-Git-Tag: krb5-1.7-alpha1~482 X-Git-Url: http://git.tremily.us/?a=commitdiff_plain;h=d1dee36427592d649aa27ea1b05167f5d83ca50e;p=krb5.git In parsing authorization data, if run out of memory, the authorization data was released, but the pointer not zeroed. This resulted in higher level code trying to free it again. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20667 dc483132-0cff-0310-8789-dd5450dbe970 --- diff --git a/src/lib/krb5/ccache/cc_file.c b/src/lib/krb5/ccache/cc_file.c index 0e5a9b666..a24ff4502 100644 --- a/src/lib/krb5/ccache/cc_file.c +++ b/src/lib/krb5/ccache/cc_file.c @@ -816,6 +816,7 @@ krb5_fcc_read_authdata(krb5_context context, krb5_ccache id, krb5_authdata ***a) (*a)[i] = (krb5_authdata *) malloc(sizeof(krb5_authdata)); if ((*a)[i] == NULL) { krb5_free_authdata(context, *a); + *a = NULL; return KRB5_CC_NOMEM; } (*a)[i]->contents = NULL; diff --git a/src/lib/krb5/ccache/cc_keyring.c b/src/lib/krb5/ccache/cc_keyring.c index be22a8365..2d8864af3 100644 --- a/src/lib/krb5/ccache/cc_keyring.c +++ b/src/lib/krb5/ccache/cc_keyring.c @@ -1287,7 +1287,7 @@ krb5_krcc_parse_cred(krb5_context context, krb5_ccache id, krb5_creds * creds, memset(creds->ticket.data, 0, (unsigned) creds->ticket.length); krb5_xfree(creds->ticket.data); cleanauthdata: - /* XXX ??? */ + krb5_free_authdata(context, creds->authdata); cleanaddrs: krb5_free_addresses(context, creds->addresses); cleanblock: @@ -1616,6 +1616,7 @@ krb5_krcc_parse_authdata(krb5_context context, krb5_ccache id, (*a)[i] = (krb5_authdata *) malloc(sizeof(krb5_authdata)); if ((*a)[i] == NULL) { krb5_free_authdata(context, *a); + *a = NULL; return KRB5_CC_NOMEM; } kret = krb5_krcc_parse_authdatum(context, id, (*a)[i], bc); @@ -1624,8 +1625,10 @@ krb5_krcc_parse_authdata(krb5_context context, krb5_ccache id, return KRB5_OK; errout: - if (*a) + if (*a) { krb5_free_authdata(context, *a); + *a = NULL; + } return kret; }