[29006] in CVS-changelog-for-Kerberos-V5
krb5 commit: Fix uncommon leak in krb5_init_creds_step()
daemon@ATHENA.MIT.EDU (Greg Hudson)
Wed Jul 29 16:38:09 2015
Date: Wed, 29 Jul 2015 16:38:04 -0400
From: Greg Hudson <ghudson@mit.edu>
Message-Id: <201507292038.t6TKc4ur007545@drugstore.mit.edu>
To: cvs-krb5@mit.edu
Reply-To: krbdev@mit.edu
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: cvs-krb5-bounces@mit.edu
https://github.com/krb5/krb5/commit/997eb174f5fd81747ad0ecb671f00c25951931b1
commit 997eb174f5fd81747ad0ecb671f00c25951931b1
Author: Greg Hudson <ghudson@mit.edu>
Date: Sun Jul 26 13:21:47 2015 -0400
Fix uncommon leak in krb5_init_creds_step()
Release any previous value of ctx->err_padata before setting it in
init_creds_step_reply(). It could have a prior value after a realm
referral or retriable error.
ticket: 8223
target_version: 1.13.3
tags: pullup
src/lib/krb5/krb/get_in_tkt.c | 2 ++
1 files changed, 2 insertions(+), 0 deletions(-)
diff --git a/src/lib/krb5/krb/get_in_tkt.c b/src/lib/krb5/krb/get_in_tkt.c
index fa8afcc..4343a4b 100644
--- a/src/lib/krb5/krb/get_in_tkt.c
+++ b/src/lib/krb5/krb/get_in_tkt.c
@@ -1428,6 +1428,8 @@ init_creds_step_reply(krb5_context context,
ctx->request->client->type == KRB5_NT_ENTERPRISE_PRINCIPAL;
if (ctx->err_reply != NULL) {
+ krb5_free_pa_data(context, ctx->err_padata);
+ ctx->err_padata = NULL;
code = krb5int_fast_process_error(context, ctx->fast_state,
&ctx->err_reply, &ctx->err_padata,
&retry);
_______________________________________________
cvs-krb5 mailing list
cvs-krb5@mit.edu
https://mailman.mit.edu/mailman/listinfo/cvs-krb5