[27849] in CVS-changelog-for-Kerberos-V5

home help back first fref pref prev next nref lref last post

krb5 commit: Fix a leak when parsing PKINIT cert SANs with NSS

daemon@ATHENA.MIT.EDU (Greg Hudson)
Mon Jul 15 11:20:16 2013

Date: Mon, 15 Jul 2013 11:20:11 -0400
From: Greg Hudson <ghudson@mit.edu>
Message-Id: <201307151520.r6FFKBUT002826@drugstore.mit.edu>
To: cvs-krb5@mit.edu
Reply-To: krbdev@mit.edu
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: cvs-krb5-bounces@mit.edu

https://github.com/krb5/krb5/commit/4365d313c6109988268b746bcaf1c08f7b7a593c
commit 4365d313c6109988268b746bcaf1c08f7b7a593c
Author: Nalin Dahyabhai <nalin@dahyabhai.net>
Date:   Tue Jul 9 18:29:41 2013 -0400

    Fix a leak when parsing PKINIT cert SANs with NSS
    
    When retrieving the list of a certificate's subjectAltName values, we
    weren't freeing some of the temporary memory we used.

 src/plugins/preauth/pkinit/pkinit_crypto_nss.c |    1 +
 1 files changed, 1 insertions(+), 0 deletions(-)

diff --git a/src/plugins/preauth/pkinit/pkinit_crypto_nss.c b/src/plugins/preauth/pkinit/pkinit_crypto_nss.c
index 4b0245c..47006ec 100644
--- a/src/plugins/preauth/pkinit/pkinit_crypto_nss.c
+++ b/src/plugins/preauth/pkinit/pkinit_crypto_nss.c
@@ -4389,6 +4389,7 @@ cert_retrieve_cert_sans(krb5_context context,
             break;
         }
     }
+    PORT_FreeArena(pool, PR_TRUE);
 
     return 0;
 }
_______________________________________________
cvs-krb5 mailing list
cvs-krb5@mit.edu
https://mailman.mit.edu/mailman/listinfo/cvs-krb5

home help back first fref pref prev next nref lref last post