[26717] in CVS-changelog-for-Kerberos-V5

home help back first fref pref prev next nref lref last post

krb5 commit: Fix error handling in allocate_princ()

daemon@ATHENA.MIT.EDU (Greg Hudson)
Fri Jul 13 12:03:34 2012

Date: Fri, 13 Jul 2012 12:03:28 -0400
From: Greg Hudson <ghudson@mit.edu>
Message-Id: <201207131603.q6DG3SqJ026206@drugstore.mit.edu>
To: cvs-krb5@mit.edu
Reply-To: krbdev@mit.edu
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: cvs-krb5-bounces@mit.edu

https://github.com/krb5/krb5/commit/d938577dc1628f4dc8a0af3657020ee444a78c1b
commit d938577dc1628f4dc8a0af3657020ee444a78c1b
Author: Greg Hudson <ghudson@mit.edu>
Date:   Fri Jul 13 12:03:08 2012 -0400

    Fix error handling in allocate_princ()
    
    The most recent change could leak memory when trying to parse an
    invalid principal because of a failure to use the cleanup handler.

 src/lib/krb5/krb/parse.c |    6 ++++--
 1 files changed, 4 insertions(+), 2 deletions(-)

diff --git a/src/lib/krb5/krb/parse.c b/src/lib/krb5/krb/parse.c
index 613e41d..c55381a 100644
--- a/src/lib/krb5/krb/parse.c
+++ b/src/lib/krb5/krb/parse.c
@@ -79,8 +79,10 @@ allocate_princ(krb5_context context, const char *name, krb5_boolean enterprise,
         } else if (*p == '@' && (!enterprise || !first_at)) {
             /* Realm separator.  In enterprise principals, the first one of
              * these we see is part of the component. */
-            if (cur_data == &princ->realm)
-                return KRB5_PARSE_MALFORMED;
+            if (cur_data == &princ->realm) {
+                ret = KRB5_PARSE_MALFORMED;
+                goto cleanup;
+            }
             cur_data = &princ->realm;
         } else {
             /* Component or realm character, possibly quoted.  Make note if
_______________________________________________
cvs-krb5 mailing list
cvs-krb5@mit.edu
https://mailman.mit.edu/mailman/listinfo/cvs-krb5
home help back first fref pref prev next nref lref last post