[29740] in CVS-changelog-for-Kerberos-V5

home	help	back	first	fref	pref	prev	next	nref	lref	last	post

krb5 commit: Fix rare leak in krb5_cccol_have_content()

daemon@ATHENA.MIT.EDU (Greg Hudson)
Mon Oct 24 11:50:06 2016

Date: Mon, 24 Oct 2016 11:50:01 -0400
From: Greg Hudson <ghudson@mit.edu>
Message-Id: <201610241550.u9OFo1N9021794@drugstore.mit.edu>
To: cvs-krb5@mit.edu
Reply-To: krbdev@mit.edu
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: cvs-krb5-bounces@mit.edu

https://github.com/krb5/krb5/commit/1735f2e74767e56ac3bd75de61d41b8363ec6ce4
commit 1735f2e74767e56ac3bd75de61d41b8363ec6ce4
Author: Greg Hudson <ghudson@mit.edu>
Date:   Fri Oct 21 02:06:18 2016 -0400

    Fix rare leak in krb5_cccol_have_content()
    
    If krb5_cc_start_seq_get() fails inside the loop, close the current
    credential cache before continuing to the next one.  Reported by Todd
    Lipcon.
    
    ticket: 8509
    target_version: 1.15-next
    target_version: 1.14-next
    tags: pullup

 src/lib/krb5/ccache/cccursor.c |    4 +++-
 1 files changed, 3 insertions(+), 1 deletions(-)

diff --git a/src/lib/krb5/ccache/cccursor.c b/src/lib/krb5/ccache/cccursor.c
index 281f128..c31a3f5 100644
--- a/src/lib/krb5/ccache/cccursor.c
+++ b/src/lib/krb5/ccache/cccursor.c
@@ -255,8 +255,10 @@ krb5_cccol_have_content(krb5_context context)
 
         ret = krb5_cc_start_seq_get(context, cache, &cache_cursor);
         save_first_error(context, ret, &errsave);
-        if (ret)
+        if (ret) {
+            krb5_cc_close(context, cache);
             continue;
+        }
         while (!found) {
             ret = krb5_cc_next_cred(context, cache, &cache_cursor, &creds);
             save_first_error(context, ret, &errsave);
_______________________________________________
cvs-krb5 mailing list
cvs-krb5@mit.edu
https://mailman.mit.edu/mailman/listinfo/cvs-krb5

home	help	back	first	fref	pref	prev	next	nref	lref	last	post