[28410] in CVS-changelog-for-Kerberos-V5
krb5 commit [krb5-1.12]: Don't leak the per-request preauth context
daemon@ATHENA.MIT.EDU (Tom Yu)
Thu Jun 26 16:54:17 2014
Date: Thu, 26 Jun 2014 16:53:42 -0400
From: Tom Yu <tlyu@mit.edu>
Message-Id: <201406262053.s5QKrgt8031669@drugstore.mit.edu>
To: cvs-krb5@mit.edu
Reply-To: krbdev@mit.edu
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: cvs-krb5-bounces@mit.edu
https://github.com/krb5/krb5/commit/4308567b47ac6b29b56ae0ad716b632c1dbe1993
commit 4308567b47ac6b29b56ae0ad716b632c1dbe1993
Author: Nalin Dahyabhai <nalin@dahyabhai.net>
Date: Tue Mar 11 13:33:23 2014 -0400
Don't leak the per-request preauth context
Currently, per-request preauth module data is only cleared when we
successfully obtain initial credentials. Make sure to clear it at the
end of the operation even if we failed to get creds.
[ghudson@mit.edu: expanded commit message]
(cherry picked from commit a47c4e68308331a630480cb62c2b7711432e0123)
ticket: 7793
version_fixed: 1.12.2
status: resolved
src/lib/krb5/krb/get_in_tkt.c | 1 +
1 files changed, 1 insertions(+), 0 deletions(-)
diff --git a/src/lib/krb5/krb/get_in_tkt.c b/src/lib/krb5/krb/get_in_tkt.c
index d7b2bd9..72c025d 100644
--- a/src/lib/krb5/krb/get_in_tkt.c
+++ b/src/lib/krb5/krb/get_in_tkt.c
@@ -492,6 +492,7 @@ krb5_init_creds_free(krb5_context context,
k5_response_items_free(ctx->rctx.items);
free(ctx->in_tkt_service);
zapfree(ctx->gakpw.storage.data, ctx->gakpw.storage.length);
+ k5_preauth_request_context_fini(context);
krb5_free_error(context, ctx->err_reply);
krb5_free_pa_data(context, ctx->err_padata);
krb5_free_cred_contents(context, &ctx->cred);
_______________________________________________
cvs-krb5 mailing list
cvs-krb5@mit.edu
https://mailman.mit.edu/mailman/listinfo/cvs-krb5
