[30109] in CVS-changelog-for-Kerberos-V5
krb5 commit: Fix memory leak in KDC PKINIT code
daemon@ATHENA.MIT.EDU (Greg Hudson)
Fri Feb 23 20:37:58 2018
Date: Fri, 23 Feb 2018 20:37:47 -0500
From: Greg Hudson <ghudson@mit.edu>
Message-Id: <201802240137.w1O1blLM022056@drugstore.mit.edu>
To: cvs-krb5@mit.edu
Reply-To: krbdev@mit.edu
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: cvs-krb5-bounces@mit.edu
https://github.com/krb5/krb5/commit/cefc250efd71515dd665b606bcb993e617068758
commit cefc250efd71515dd665b606bcb993e617068758
Author: sashan <anedvedicky@gmail.com>
Date: Tue Feb 20 23:03:36 2018 +0100
Fix memory leak in KDC PKINIT code
Commit e5c77a11341a79e6af1e5aef7c587a5b75a9e378 introduced a memory
leak of the client public key in server_process_dh(). Free
client_pubkey on success as well as failure.
ticket: 8644 (new)
target_version: 1.16-next
target_version: 1.15-next
tags: pullup
src/plugins/preauth/pkinit/pkinit_crypto_openssl.c | 1 +
1 files changed, 1 insertions(+), 0 deletions(-)
diff --git a/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c b/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c
index ac107c2..0c8dd7e 100644
--- a/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c
+++ b/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c
@@ -2979,6 +2979,7 @@ server_process_dh(krb5_context context,
retval = 0;
+ BN_free(client_pubkey);
if (dh_server != NULL)
DH_free(dh_server);
return retval;
_______________________________________________
cvs-krb5 mailing list
cvs-krb5@mit.edu
https://mailman.mit.edu/mailman/listinfo/cvs-krb5
