[29604] in CVS-changelog-for-Kerberos-V5
krb5 commit [krb5-1.14]: Fix leak in FAST OTP client processing
daemon@ATHENA.MIT.EDU (Tom Yu)
Fri Sep 2 17:04:30 2016
Date: Fri, 2 Sep 2016 17:04:26 -0400
From: Tom Yu <tlyu@mit.edu>
Message-Id: <201609022104.u82L4Q8m023730@drugstore.mit.edu>
To: cvs-krb5@mit.edu
Reply-To: krbdev@mit.edu
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: cvs-krb5-bounces@mit.edu
https://github.com/krb5/krb5/commit/0ff6cf86d047aeb246ac183c5b5d56ff1de8223b
commit 0ff6cf86d047aeb246ac183c5b5d56ff1de8223b
Author: Greg Hudson <ghudson@mit.edu>
Date: Tue Jun 28 21:38:57 2016 -0400
Fix leak in FAST OTP client processing
In set_pa_data(), after encoding the OTP request and stealing the
pointer from the resulting krb5_data object, free the krb5_data
container.
(cherry picked from commit 7029efc11525299b87b9024280ef1d9f82059ec5)
ticket: 8443
version_fixed: 1.14.4
src/lib/krb5/krb/preauth_otp.c | 1 +
1 files changed, 1 insertions(+), 0 deletions(-)
diff --git a/src/lib/krb5/krb/preauth_otp.c b/src/lib/krb5/krb/preauth_otp.c
index 3de528b..37f98b2 100644
--- a/src/lib/krb5/krb/preauth_otp.c
+++ b/src/lib/krb5/krb/preauth_otp.c
@@ -830,6 +830,7 @@ set_pa_data(const krb5_pa_otp_req *req, krb5_pa_data ***pa_data_out)
goto error;
out[0]->contents = (krb5_octet *)tmp->data;
out[0]->length = tmp->length;
+ free(tmp);
*pa_data_out = out;
return 0;
_______________________________________________
cvs-krb5 mailing list
cvs-krb5@mit.edu
https://mailman.mit.edu/mailman/listinfo/cvs-krb5
