pull up r20482, r20481 from trunk
authorTom Yu <tlyu@mit.edu>
Thu, 9 Jul 2009 01:54:50 +0000 (01:54 +0000)
committerTom Yu <tlyu@mit.edu>
Thu, 9 Jul 2009 01:54:50 +0000 (01:54 +0000)
 ------------------------------------------------------------------------
 r20482 | raeburn | 2008-06-26 22:51:09 -0400 (Thu, 26 Jun 2008) | 5 lines

 ticket: 5997

 Memory leak, and possible freed-memory dereference, in an error (small
 allocation failure) path.
 ------------------------------------------------------------------------
 r20481 | raeburn | 2008-06-26 22:47:06 -0400 (Thu, 26 Jun 2008) | 9 lines

 ticket: new
 target_version: 1.6.4
 subject: misc memory leaks
 tags: pullup

 Fix various memory leaks that show up mostly in error cases (e.g.,
 failure to allocate one small object, and then we forget to free
 another one).

ticket: 5997
status: resolved
version_fixed: 1.6.4

git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-6@22426 dc483132-0cff-0310-8789-dd5450dbe970

src/kdc/do_tgs_req.c
src/kdc/kdc_util.c
src/lib/gssapi/krb5/k5seal.c
src/lib/krb5/krb/bld_pr_ext.c
src/lib/krb5/krb/get_creds.c
src/lib/krb5/krb/get_in_tkt.c
src/lib/krb5/krb/gic_opt.c
src/lib/krb5/krb/init_ctx.c
src/lib/krb5/os/an_to_ln.c
src/lib/rpc/auth_gss.c
src/plugins/kdb/db2/adb_policy.c

index 8e960cb04f1afde19b61be59c30211be0c23405f..a15898ad7f1e2d9284ec76cc04da9cb67f1d42a8 100644 (file)
@@ -57,7 +57,7 @@ krb5_error_code
 process_tgs_req(krb5_data *pkt, const krb5_fulladdr *from,
                krb5_data **response)
 {
-    krb5_keyblock * subkey;
+    krb5_keyblock * subkey = 0;
     krb5_kdc_req *request = 0;
     krb5_db_entry server;
     krb5_kdc_rep reply;
@@ -99,8 +99,10 @@ process_tgs_req(krb5_data *pkt, const krb5_fulladdr *from,
     /*
      * setup_server_realm() sets up the global realm-specific data pointer.
      */
-    if ((retval = setup_server_realm(request->server)))
+    if ((retval = setup_server_realm(request->server))) {
+       krb5_free_kdc_req(kdc_context, request);
        return retval;
+    }
 
     fromstring = inet_ntop(ADDRTYPE2FAMILY(from->address->addrtype),
                           from->address->contents,
@@ -712,7 +714,9 @@ cleanup:
     if (session_key.contents)
        krb5_free_keyblock_contents(kdc_context, &session_key);
     if (newtransited)
-       free(enc_tkt_reply.transited.tr_contents.data); 
+       free(enc_tkt_reply.transited.tr_contents.data);
+    if (subkey)
+       krb5_free_keyblock(kdc_context, subkey);
 
     return retval;
 }
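Review bot: The new `krb5_free_keyblock(kdc_context, subkey)` at the end of `cleanup:` carries no comment on who owns `subkey`, and the code that fills it in lies outside this hunk. The free is safe only if process_tgs_req holds the sole reference when it reaches cleanup; if a reply or ticket structure still points at the same keyblock, this becomes a double free of key material. Once that is confirmed, I would add `/* subkey is owned by this function; nothing in the reply keeps a pointer to it */` above the check. The `if (subkey)` test depends on the `= 0` initializer added in the first hunk of this file.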
@@ -834,6 +838,7 @@ find_alternate_tgs(krb5_kdc_req *request, krb5_db_entry *server,
                       "TGS_REQ: issuing TGT %s", sname);
                free(sname);
            }
+           krb5_free_realm_tree(kdc_context, plist);
            return;
        }
        krb5_db_free_principal(kdc_context, server, *nprincs);
index aeabc5c654cc2d6ba33cda0daf379a6469a4c98c..8f5f6ec68b80993d0d44903808219c58eeac3f49 100644 (file)
@@ -1,7 +1,7 @@
 /*
  * kdc/kdc_util.c
  *
- * Copyright 1990,1991 by the Massachusetts Institute of Technology.
+ * Copyright 1990,1991,2007,2008 by the Massachusetts Institute of Technology.
  * All Rights Reserved.
  *
  * Export of this software from the United States of America may
@@ -425,6 +425,10 @@ kdc_get_server_key(krb5_ticket *ticket, krb5_keyblock **key, krb5_kvno *kvno)
        retval = krb5_dbekd_decrypt_key_data(kdc_context, &master_keyblock,
                                             server_key,
                                             *key, NULL);
+       if (retval) {
+           free(*key);
+           *key = NULL;
+       }
     } else
        retval = ENOMEM;
 errout:
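Review bot: The error branch added after `krb5_dbekd_decrypt_key_data` releases `*key` with plain `free()`, which is correct only if the decrypt routine leaves no `contents` buffer attached to the keyblock when it fails. That routine is not visible here, so this should be confirmed; if it can fail after allocating contents, key bytes would be leaked rather than wiped. The new contract also deserves a line of documentation, for example `/* on failure *key is freed and set to NULL, so callers never see a partly filled keyblock */`. The body of kdc_get_server_key starts and ends outside the hunk.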
index 7a904d0650b9b9c73cadca44e81002a21c90b800..ea971d45b3ce655f8c42c14b9347b776954e6e47 100644 (file)
@@ -159,8 +159,10 @@ make_seal_token_v1 (krb5_context context,
     }
 
     code = krb5_c_checksum_length(context, md5cksum.checksum_type, &sumlen);
-    if (code)
+    if (code) {
+      xfree(t);
       return(code);
+    }
     md5cksum.length = sumlen;
 
 
index c1af72616acca00c9fbc25eb31b6180d6fca458f..c7236b7b5a80d68c0dc34249281068e975b04432 100644 (file)
@@ -1,7 +1,7 @@
 /*
  * lib/krb5/krb/bld_pr_ext.c
  *
- * Copyright 1991 by the Massachusetts Institute of Technology.
+ * Copyright 1991, 2008 by the Massachusetts Institute of Technology.
  * All Rights Reserved.
  *
  * Export of this software from the United States of America may
@@ -39,7 +39,7 @@ krb5_build_principal_ext(krb5_context context,  krb5_principal * princ,
     register int i, count = 0;
     register unsigned int size;
     register char *next;
-    char *tmpdata;
+    char *tmpdata = 0;
     krb5_data *princ_data;
     krb5_principal princ_ret;
 
@@ -97,6 +97,7 @@ free_out:
        krb5_xfree(princ_data[i].data);
     krb5_xfree(princ_data);
     krb5_xfree(princ_ret);
+    krb5_xfree(tmpdata);
     va_end(ap);
     return ENOMEM;
 }
index b3e94f4c61709dca15422f33d0cf3bab976aedef..38c3383170f6b245723c67e52568b83e53c4aee6 100644 (file)
@@ -1,7 +1,7 @@
 /*
  * lib/krb5/krb/get_creds.c
  *
- * Copyright 1990 by the Massachusetts Institute of Technology.
+ * Copyright 1990, 2008 by the Massachusetts Institute of Technology.
  * All Rights Reserved.
  *
  * Export of this software from the United States of America may
@@ -207,8 +207,12 @@ krb5_get_credentials_val_renew_core(krb5_context context, krb5_flags options,
            retval = 255;
            break;
     }
-    if (retval) return retval;
+    /*
+     * Callers to krb5_get_cred_blah... must free up tgts even in
+     * error cases.
+     */
     if (tgts) krb5_free_tgt_creds(context, tgts);
+    if (retval) return retval;
 
     retval = krb5_cc_get_principal(context, ccache, &tmp);
     if (retval) return retval;
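Review bot: Moving `if (tgts) krb5_free_tgt_creds(context, tgts);` ahead of the `retval` check means `tgts` is now read on every path, including the `retval = 255` branch at the top of the hunk, where presumably no call has stored anything in it. The declaration of `tgts` is outside the hunk; unless it carries an `= 0` initializer, this tests and possibly frees an indeterminate pointer, so that should be confirmed or the initializer added. The new comment would also be easier to act on if it named the functions it means instead of `krb5_get_cred_blah...`.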
index a4bd64f26f5efc8734e2d668c725cea037daabf8..d54d893e60d57ce9cf90dc57d2cb86e4b4f107e9 100644 (file)
@@ -997,13 +997,15 @@ krb5_get_init_creds(krb5_context context,
 
        /* stuff the client realm into the server principal.
           realloc if necessary */
-       if (request.server->realm.length < request.client->realm.length)
-           if ((request.server->realm.data =
-                (char *) realloc(request.server->realm.data,
-                                 request.client->realm.length)) == NULL) {
+       if (request.server->realm.length < request.client->realm.length) {
+           char *p = realloc(request.server->realm.data,
+                             request.client->realm.length);
+           if (p == NULL) {
                ret = ENOMEM;
                goto cleanup;
            }
+           request.server->realm.data = p;
+       }
 
        request.server->realm.length = request.client->realm.length;
        memcpy(request.server->realm.data, request.client->realm.data,
index 227391ae42e17fcf4a5b7bb83e9068a1dd900107..ab73d2c8e1ff074aded52eeab648f94c892ee688 100644 (file)
@@ -306,6 +306,7 @@ add_gic_opt_ext_preauth_data(krb5_context context,
        newpad = realloc(opte->opt_private->preauth_data, newsize);
     if (newpad == NULL)
        return ENOMEM;
+    opte->opt_private->preauth_data = newpad;
 
     i = opte->opt_private->num_preauth_data;
     newpad[i].attr = strdup(attr);
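Review bot: Nothing records why `opte->opt_private->preauth_data = newpad;` now sits directly after the NULL check, so a later tidy-up could easily move it back down. After a successful `realloc` the old block may already have been released, so any `return ENOMEM` further down (one is visible in the next hunk) would otherwise leave `preauth_data` pointing at freed memory. I would add `/* realloc may have moved the array; publish the new pointer before anything below can fail */` above the assignment. On that failure path the array is one slot larger than `num_preauth_data`, which appears harmless as long as readers go by the count.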
@@ -317,7 +318,6 @@ add_gic_opt_ext_preauth_data(krb5_context context,
        return ENOMEM;
     }
     opte->opt_private->num_preauth_data += 1;
-    opte->opt_private->preauth_data = newpad;
     return 0;
 }
 
index b80fd50fa170409ef0b116da5709b0dab9165a3d..174d819def3009070477a2b24f76fb7d960550d5 100644 (file)
@@ -360,8 +360,10 @@ get_profile_etype_list(krb5_context context, krb5_enctype **ktypes, char *profst
        
        if ((old_ktypes =
             (krb5_enctype *)malloc(sizeof(krb5_enctype) * (count + 1))) ==
-           (krb5_enctype *) NULL)
+           (krb5_enctype *) NULL) {
+           profile_release_string(retval);
            return ENOMEM;
+       }
        
        sp = retval;
        j = 0;
index 73465d66c9be3c9de261b131036f495af82782de..8b719db871f0396aaf9297277d16099a63cb4643 100644 (file)
@@ -1,7 +1,7 @@
 /*
  * lib/krb5/os/an_to_ln.c
  *
- * Copyright 1990,1991 by the Massachusetts Institute of Technology.
+ * Copyright 1990,1991,2007,2008 by the Massachusetts Institute of Technology.
  * All Rights Reserved.
  *
  * Export of this software from the United States of America may
@@ -438,7 +438,7 @@ aname_replacer(char *string, char **contextp, char **result)
                    memset(out, '\0', MAX_FORMAT_BUFFER);
                    if (!do_replacement(rule, repl, doglobal, in, out)) {
                        free(rule);
-                   free(repl);
+                       free(repl);
                        kret = KRB5_LNAME_NOTRANS;
                        break;
                    }
@@ -453,6 +453,7 @@ aname_replacer(char *string, char **contextp, char **result)
                }
                else {
                    /* No memory for copies */
+                   free(rule);
                    kret = ENOMEM;
                    break;
                }
index d11c5e267d065a6cc0c8dfdec8f2c7efdd72475c..1debd4d69c673763c2c786a23e9826b8eabfc389 100644 (file)
@@ -186,6 +186,7 @@ authgss_create(CLIENT *clnt, gss_name_t name, struct rpc_gss_sec *sec)
                        rpc_createerr.cf_stat = RPC_SYSTEMERROR;
                        rpc_createerr.cf_error.re_errno = ENOMEM;
                        free(auth);
+                       free(gd);
                        return (NULL);
                }
        }
index e338cbbd022437054ecc4bb6c78dc3a7d466e8a0..04cc48970a3cc888b651380b9753e9f191e7abcd 100644 (file)
@@ -358,6 +358,7 @@ osa_adb_iter_policy(osa_adb_policy_t db, osa_adb_iter_policy_func func,
        if(!xdr_osa_policy_ent_rec(&xdrs, entry)) {
            xdr_destroy(&xdrs);
            free(aligned_data);
+           osa_free_policy_ent(entry);
            ret = OSA_ADB_FAILURE;
            goto error;
        }
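Review bot: `osa_free_policy_ent(entry)` now runs on a record whose `xdr_osa_policy_ent_rec` decode has just failed, so it may be handed a partly filled entry. The allocation of `entry` and the `error:` label are both outside this hunk. It is worth confirming that `entry` is zeroed before decoding, so the free routine never follows an uninitialized pointer, and that nothing after `goto error` releases `entry` a second time. Once verified, a short comment such as `/* entry may be partially decoded; it was zeroed before the decode */` would record the assumption.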