[28320] in CVS-changelog-for-Kerberos-V5
krb5 commit: Fix unlikely memory error in krb5_rd_cred
daemon@ATHENA.MIT.EDU (Greg Hudson)
Thu May 8 11:14:57 2014
Date: Thu, 8 May 2014 11:14:47 -0400
From: Greg Hudson <ghudson@mit.edu>
Message-Id: <201405081514.s48FElF5019605@drugstore.mit.edu>
To: cvs-krb5@mit.edu
Reply-To: krbdev@mit.edu
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: cvs-krb5-bounces@mit.edu
https://github.com/krb5/krb5/commit/60234f7b4cef58b66e0b2776988dfcf79c0d8bbb
commit 60234f7b4cef58b66e0b2776988dfcf79c0d8bbb
Author: Neng Xue <xnsuda@yahoo.com>
Date: Wed May 7 14:11:14 2014 -0700
Fix unlikely memory error in krb5_rd_cred
If an error occurs in the for loop in krb5_rd_cred_basic (which should
only happen on an ENOMEM), do not leave the caller with a dangling
reference to the freed credential array.
ticket: 7908 (new)
target_version: 1.12.2
src/lib/krb5/krb/rd_cred.c | 4 +++-
1 files changed, 3 insertions(+), 1 deletions(-)
diff --git a/src/lib/krb5/krb/rd_cred.c b/src/lib/krb5/krb/rd_cred.c
index 8be7f81..acc05c9 100644
--- a/src/lib/krb5/krb/rd_cred.c
+++ b/src/lib/krb5/krb/rd_cred.c
@@ -170,8 +170,10 @@ krb5_rd_cred_basic(krb5_context context, krb5_data *pcreddata,
(*pppcreds)[i] = NULL;
cleanup:
- if (retval)
+ if (retval) {
krb5_free_tgt_creds(context, *pppcreds);
+ *pppcreds = NULL;
+ }
cleanup_cred:
krb5_free_cred(context, pcred);
_______________________________________________
cvs-krb5 mailing list
cvs-krb5@mit.edu
https://mailman.mit.edu/mailman/listinfo/cvs-krb5