[29549] in CVS-changelog-for-Kerberos-V5
krb5 commit: Fix krb5_get_init_creds_password() pwchange leak
daemon@ATHENA.MIT.EDU (Greg Hudson)
Wed Aug 10 13:53:59 2016
Date: Wed, 10 Aug 2016 13:51:38 -0400
From: Greg Hudson <ghudson@mit.edu>
Message-Id: <201608101751.u7AHpcvk009391@drugstore.mit.edu>
To: cvs-krb5@mit.edu
Reply-To: krbdev@mit.edu
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: cvs-krb5-bounces@mit.edu
https://github.com/krb5/krb5/commit/3e5f7709e1928f1e814c427f2811d9204a167439
commit 3e5f7709e1928f1e814c427f2811d9204a167439
Author: Greg Hudson <ghudson@mit.edu>
Date: Tue Jun 28 14:52:31 2016 -0400
Fix krb5_get_init_creds_password() pwchange leak
When krb5_get_init_creds_password() attempts to change the password,
make sure to free code_string along all exit paths.
ticket: 8440 (new)
target_version: 1.14-next
target_version: 1.13-next
tags: pullup
src/lib/krb5/krb/gic_pwd.c | 2 ++
1 files changed, 2 insertions(+), 0 deletions(-)
diff --git a/src/lib/krb5/krb/gic_pwd.c b/src/lib/krb5/krb/gic_pwd.c
index 55aa9d6..6f3a29f 100644
--- a/src/lib/krb5/krb/gic_pwd.c
+++ b/src/lib/krb5/krb/gic_pwd.c
@@ -442,6 +442,7 @@ krb5_get_init_creds_password(krb5_context context,
/* the change succeeded. go on */
if (result_code == 0) {
+ free(code_string.data);
free(result_string.data);
break;
}
@@ -451,6 +452,7 @@ krb5_get_init_creds_password(krb5_context context,
ret = KRB5_CHPW_FAIL;
if (result_code != KRB5_KPASSWD_SOFTERROR) {
+ free(code_string.data);
free(result_string.data);
goto cleanup;
}
_______________________________________________
cvs-krb5 mailing list
cvs-krb5@mit.edu
https://mailman.mit.edu/mailman/listinfo/cvs-krb5
