From 66bf4d0698aa144e7e1365c2c8ece251bc7c0d99 Mon Sep 17 00:00:00 2001 From: Tom Yu Date: Tue, 15 Jun 2004 18:57:17 +0000 Subject: [PATCH] don't leak rcaches in accept_sec_context * accept_sec_context.c (krb5_gss_accept_sec_context): Don't null out rcache of auth_context prior to free if rcache was temporarily allocated; this prevents leaking rcaches. ticket: new version_reported: 1.3.4 component: krb5-libs git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16453 dc483132-0cff-0310-8789-dd5450dbe970 --- src/lib/gssapi/krb5/accept_sec_context.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/src/lib/gssapi/krb5/accept_sec_context.c b/src/lib/gssapi/krb5/accept_sec_context.c index 42a86de6d..77ab8df1e 100644 --- a/src/lib/gssapi/krb5/accept_sec_context.c +++ b/src/lib/gssapi/krb5/accept_sec_context.c @@ -249,6 +249,7 @@ krb5_gss_accept_sec_context(minor_status, context_handle, gss_cred_id_t cred_handle = NULL; krb5_gss_cred_id_t deleg_cred = NULL; krb5int_access kaccess; + int got_rcache = 0; code = krb5int_accessor (&kaccess, KRB5INT_ACCESS_VERSION); if (code) { @@ -382,6 +383,7 @@ krb5_gss_accept_sec_context(minor_status, context_handle, goto fail; } if (cred->rcache) { + got_rcache = 1; if ((code = krb5_auth_con_setrcache(context, auth_context, cred->rcache))) { major_status = GSS_S_FAILURE; goto fail; @@ -877,7 +879,9 @@ krb5_gss_accept_sec_context(minor_status, context_handle, krb5_free_authenticator(context, authdat); /* The ctx structure has the handle of the auth_context */ if (auth_context && !ctx) { - (void)krb5_auth_con_setrcache(context, auth_context, NULL); + if (!got_rcache) + (void)krb5_auth_con_setrcache(context, auth_context, NULL); + krb5_auth_con_free(context, auth_context); } if (reqcksum.contents) -- 2.26.2