[30143] in CVS-changelog-for-Kerberos-V5


krb5 commit: Fix SPAKE memory leak

daemon@ATHENA.MIT.EDU (Greg Hudson)
Tue Mar 27 15:15:31 2018

Date: Tue, 27 Mar 2018 15:15:24 -0400
From: Greg Hudson <ghudson@mit.edu>
Message-Id: <201803271915.w2RJFOSQ003141@drugstore.mit.edu>
To: cvs-krb5@mit.edu
Reply-To: krbdev@mit.edu
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: cvs-krb5-bounces@mit.edu

https://github.com/krb5/krb5/commit/91dad4eba37b5b56dc21d59880cb6eb4d3e6b7a5
commit 91dad4eba37b5b56dc21d59880cb6eb4d3e6b7a5
Author: Greg Hudson <ghudson@mit.edu>
Date:   Tue Mar 27 10:36:05 2018 -0400

    Fix SPAKE memory leak
    
    In the NIST group implementations, ossl_fini() needs to free the
    groupdata container as well as its fields.  Also in
    spake_kdc.c:parse_data(), initialize the magic field of the resulting
    data object to avoid a harmless uninitialized memory copy.
    
    ticket: 8647

 src/plugins/preauth/spake/openssl.c   |    1 +
 src/plugins/preauth/spake/spake_kdc.c |    1 +
 2 files changed, 2 insertions(+), 0 deletions(-)

diff --git a/src/plugins/preauth/spake/openssl.c b/src/plugins/preauth/spake/openssl.c
index b821a91..f2e4b53 100644
--- a/src/plugins/preauth/spake/openssl.c
+++ b/src/plugins/preauth/spake/openssl.c
@@ -69,6 +69,7 @@ ossl_fini(groupdata *gd)
     EC_POINT_free(gd->N);
     BN_CTX_free(gd->ctx);
     BN_free(gd->order);
+    free(gd);
 }
 
 static krb5_error_code
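
Review bot: The new free(gd) at the end of ossl_fini() makes the function the owner of the container, but nothing in the hunk documents that, and gd is passed by value, so the caller is left holding a dangling pointer. Please confirm that no caller still frees gd itself or reads it after calling ossl_fini(), and add a short comment above the function stating that it releases both the fields and the container. The visible lines also dereference gd (gd->N, gd->ctx, gd->order) before the free; if a NULL gd can reach this function on an initialization failure path, an early return for NULL would be worth having, unless a guard already exists above the context shown here.
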
diff --git a/src/plugins/preauth/spake/spake_kdc.c b/src/plugins/preauth/spake/spake_kdc.c
index c1723eb..59e8840 100644
--- a/src/plugins/preauth/spake/spake_kdc.c
+++ b/src/plugins/preauth/spake/spake_kdc.c
@@ -75,6 +75,7 @@ parse_data(struct k5input *in, krb5_data *out)
 {
     out->length = k5_input_get_uint32_be(in);
     out->data = (char *)k5_input_get_bytes(in, out->length);
+    out->magic = KV5M_DATA;
 }
 
 /* Parse a received cookie into its components.  The pointers stored in the
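
Review bot: In parse_data(), the result of k5_input_get_bytes() is stored in out->data without a check, and out->length comes straight from the received input; with out->magic = KV5M_DATA now set, out looks like a fully formed krb5_data even if the read came up short. Please confirm that every caller checks the k5input status before using out, and consider a one-line comment saying that out is only valid when the input carries no error. The commit message explains that the magic assignment avoids an uninitialized copy, but the code does not; a brief comment at that line would keep a later cleanup from removing it.
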
_______________________________________________
cvs-krb5 mailing list
cvs-krb5@mit.edu
https://mailman.mit.edu/mailman/listinfo/cvs-krb5
