[28633] in CVS-changelog-for-Kerberos-V5
krb5 commit: Fix cursor leak in krb5_verify_init_creds
daemon@ATHENA.MIT.EDU (Greg Hudson)
Wed Oct 22 12:25:57 2014
Date: Wed, 22 Oct 2014 12:24:43 -0400
From: Greg Hudson <ghudson@mit.edu>
Message-Id: <201410221624.s9MGOhdX015089@drugstore.mit.edu>
To: cvs-krb5@mit.edu
Reply-To: krbdev@mit.edu
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: cvs-krb5-bounces@mit.edu
https://github.com/krb5/krb5/commit/62894f854daa8251554376b6b6810fd0e9fecb7f
commit 62894f854daa8251554376b6b6810fd0e9fecb7f
Author: Greg Hudson <ghudson@mit.edu>
Date: Mon Oct 20 13:19:26 2014 -0400
Fix cursor leak in krb5_verify_init_creds
In copy_creds_except, call krb5_cc_end_seq_get so we don't leak the
ccache cursor.
ticket: 8029 (new)
target_version: 1.13.1
tags: pullup
src/lib/krb5/krb/vfy_increds.c | 8 ++++++--
1 files changed, 6 insertions(+), 2 deletions(-)
diff --git a/src/lib/krb5/krb/vfy_increds.c b/src/lib/krb5/krb/vfy_increds.c
index 4833992..8ceab7d 100644
--- a/src/lib/krb5/krb/vfy_increds.c
+++ b/src/lib/krb5/krb/vfy_increds.c
@@ -56,7 +56,7 @@ copy_creds_except(krb5_context context, krb5_ccache incc,
krb5_ccache outcc, krb5_principal princ)
{
krb5_error_code ret, ret2;
- krb5_cc_cursor cur;
+ krb5_cc_cursor cur = NULL;
krb5_creds creds;
/* Turn off TC_OPENCLOSE on input ccache. */
@@ -79,9 +79,13 @@ copy_creds_except(krb5_context context, krb5_ccache incc,
if (ret != KRB5_CC_END)
goto cleanup;
- ret = 0;
+
+ ret = krb5_cc_end_seq_get(context, incc, &cur);
+ cur = NULL;
cleanup:
+ if (cur != NULL)
+ (void)krb5_cc_end_seq_get(context, incc, &cur);
ret2 = krb5_cc_set_flags(context, incc, KRB5_TC_OPENCLOSE);
return (ret == 0) ? ret2 : ret;
}
_______________________________________________
cvs-krb5 mailing list
cvs-krb5@mit.edu
https://mailman.mit.edu/mailman/listinfo/cvs-krb5