[28663] in CVS-changelog-for-Kerberos-V5


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

krb5 commit: Add helper for freeing arrays of berval pointers

daemon@ATHENA.MIT.EDU (Benjamin Kaduk)
Mon Dec 15 15:04:42 2014

Date: Mon, 15 Dec 2014 15:03:36 -0500
From: Benjamin Kaduk <kaduk@mit.edu>
Message-Id: <201412152003.sBFK3aoP004867@drugstore.mit.edu>
To: cvs-krb5@mit.edu
Reply-To: krbdev@mit.edu
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: cvs-krb5-bounces@mit.edu

https://github.com/krb5/krb5/commit/e316b24a2ac3d0b13fe50b37773f51441c63396e
commit e316b24a2ac3d0b13fe50b37773f51441c63396e
Author: Ben Kaduk <kaduk@mit.edu>
Date:   Fri Dec 5 21:18:38 2014 -0500

    Add helper for freeing arrays of berval pointers
    
    This eliminates a potential leak of the bv_val members from
    krb5_encode_krbsecretkey().

 src/plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c |   32 +++++++++++++-------
 1 files changed, 21 insertions(+), 11 deletions(-)

diff --git a/src/plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c b/src/plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c
index 10b5982..b970f8d 100644
--- a/src/plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c
+++ b/src/plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c
@@ -396,6 +396,24 @@ asn1_decode_sequence_of_keys(krb5_data *in, krb5_key_data **out,
     return 0;
 }
 
+/*
+ * Free a NULL-terminated struct berval *array[] and all its contents.
+ * Does not set array to NULL after freeing it.
+ */
+static void
+free_berdata(struct berval **array)
+{
+    int i;
+
+    if (array != NULL) {
+        for (i = 0; array[i] != NULL; i++) {
+            if (array[i]->bv_val != NULL)
+                free(array[i]->bv_val);
+            free(array[i]);
+        }
+        free(array);
+    }
+}
 
 /* Decoding ASN.1 encoded key */
 static struct berval **
@@ -466,12 +484,8 @@ cleanup:
 
     free(key_data);
     if (err != 0) {
-        if (ret != NULL) {
-            for (i = 0; ret[i] != NULL; i++)
-                free (ret[i]);
-            free (ret);
-            ret = NULL;
-        }
+        free_berdata(ret);
+        ret = NULL;
     }
 
     return ret;
@@ -1131,11 +1145,7 @@ krb5_ldap_put_principal(krb5_context context, krb5_db_entry *entry,
                                              LDAP_MOD_REPLACE |
                                              LDAP_MOD_BVALUES, ber_tl_data);
             }
-            for (j = 0; ber_tl_data[j] != NULL; j++) {
-                free(ber_tl_data[j]->bv_val);
-                free(ber_tl_data[j]);
-            }
-            free(ber_tl_data);
+            free_berdata(ber_tl_data);
             if (st != 0)
                 goto cleanup;
         }
_______________________________________________
cvs-krb5 mailing list
cvs-krb5@mit.edu
https://mailman.mit.edu/mailman/listinfo/cvs-krb5


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[28663] in CVS-changelog-for-Kerberos-V5

krb5 commit: Add helper for freeing arrays of berval pointers

daemon@ATHENA.MIT.EDU (Benjamin Kaduk)Mon Dec 15 15:04:42 2014

daemon@ATHENA.MIT.EDU (Benjamin Kaduk)
Mon Dec 15 15:04:42 2014