[29613] in CVS-changelog-for-Kerberos-V5
krb5 commit [krb5-1.14]: Fix leak on error in libkadm5_srv
daemon@ATHENA.MIT.EDU (Tom Yu)
Fri Sep 2 17:07:26 2016
Date: Fri, 2 Sep 2016 17:04:29 -0400
From: Tom Yu <tlyu@mit.edu>
Message-Id: <201609022104.u82L4Tip023822@drugstore.mit.edu>
To: cvs-krb5@mit.edu
Reply-To: krbdev@mit.edu
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: cvs-krb5-bounces@mit.edu
https://github.com/krb5/krb5/commit/ec821a4cc98a0ca421c707f2ad81d434b6556797
commit ec821a4cc98a0ca421c707f2ad81d434b6556797
Author: Greg Hudson <ghudson@mit.edu>
Date: Thu Jul 14 11:15:40 2016 -0400
Fix leak on error in libkadm5_srv initialization
In init_any(), free handle->params on failure.
(cherry picked from commit a60ed5c039642ec0bd6cdefba89762c3455fb84c)
ticket: 8453
version_fixed: 1.14.4
src/lib/kadm5/srv/server_init.c | 11 +++++++++++
1 files changed, 11 insertions(+), 0 deletions(-)
diff --git a/src/lib/kadm5/srv/server_init.c b/src/lib/kadm5/srv/server_init.c
index c0e0b78..ec771ee 100644
--- a/src/lib/kadm5/srv/server_init.c
+++ b/src/lib/kadm5/srv/server_init.c
@@ -237,6 +237,7 @@ kadm5_ret_t kadm5_init(krb5_context context, char *client_name, char *pass,
KADM5_CONFIG_IPROP_PORT)
if ((handle->params.mask & REQUIRED_PARAMS) != REQUIRED_PARAMS) {
+ kadm5_free_config_params(handle->context, &handle->params);
free_db_args(handle);
free(handle);
return KADM5_MISSING_CONF_PARAMS;
@@ -244,6 +245,7 @@ kadm5_ret_t kadm5_init(krb5_context context, char *client_name, char *pass,
if ((handle->params.mask & KADM5_CONFIG_IPROP_ENABLED) == KADM5_CONFIG_IPROP_ENABLED
&& handle->params.iprop_enabled) {
if ((handle->params.mask & IPROP_REQUIRED_PARAMS) != IPROP_REQUIRED_PARAMS) {
+ kadm5_free_config_params(handle->context, &handle->params);
free_db_args(handle);
free(handle);
return KADM5_MISSING_CONF_PARAMS;
@@ -252,6 +254,7 @@ kadm5_ret_t kadm5_init(krb5_context context, char *client_name, char *pass,
ret = krb5_set_default_realm(handle->context, handle->params.realm);
if (ret) {
+ kadm5_free_config_params(handle->context, &handle->params);
free_db_args(handle);
free(handle);
return ret;
@@ -260,6 +263,7 @@ kadm5_ret_t kadm5_init(krb5_context context, char *client_name, char *pass,
ret = krb5_db_open(handle->context, db_args,
KRB5_KDB_OPEN_RW | KRB5_KDB_SRV_TYPE_ADMIN);
if (ret) {
+ kadm5_free_config_params(handle->context, &handle->params);
free_db_args(handle);
free(handle);
return(ret);
@@ -267,6 +271,7 @@ kadm5_ret_t kadm5_init(krb5_context context, char *client_name, char *pass,
if ((ret = krb5_parse_name(handle->context, client_name,
&handle->current_caller))) {
+ kadm5_free_config_params(handle->context, &handle->params);
krb5_db_fini(handle->context);
free_db_args(handle);
free(handle);
@@ -274,6 +279,7 @@ kadm5_ret_t kadm5_init(krb5_context context, char *client_name, char *pass,
}
if (! (handle->lhandle = malloc(sizeof(*handle)))) {
+ kadm5_free_config_params(handle->context, &handle->params);
krb5_db_fini(handle->context);
free_db_args(handle);
free(handle);
@@ -287,6 +293,7 @@ kadm5_ret_t kadm5_init(krb5_context context, char *client_name, char *pass,
/* can't check the handle until current_caller is set */
ret = check_handle((void *) handle);
if (ret) {
+ kadm5_free_config_params(handle->context, &handle->params);
free_db_args(handle);
free(handle);
return ret;
@@ -296,6 +303,7 @@ kadm5_ret_t kadm5_init(krb5_context context, char *client_name, char *pass,
(handle->params.mask & KADM5_CONFIG_MKEY_FROM_KBD)
&& handle->params.mkey_from_kbd);
if (ret) {
+ kadm5_free_config_params(handle->context, &handle->params);
krb5_db_fini(handle->context);
free_db_args(handle);
free(handle);
@@ -304,6 +312,7 @@ kadm5_ret_t kadm5_init(krb5_context context, char *client_name, char *pass,
ret = kdb_init_hist(handle, handle->params.realm);
if (ret) {
+ kadm5_free_config_params(handle->context, &handle->params);
krb5_db_fini(handle->context);
free_db_args(handle);
free(handle);
@@ -312,6 +321,7 @@ kadm5_ret_t kadm5_init(krb5_context context, char *client_name, char *pass,
ret = k5_kadm5_hook_load(context,&handle->hook_handles);
if (ret) {
+ kadm5_free_config_params(handle->context, &handle->params);
krb5_db_fini(handle->context);
krb5_free_principal(handle->context, handle->current_caller);
free_db_args(handle);
@@ -321,6 +331,7 @@ kadm5_ret_t kadm5_init(krb5_context context, char *client_name, char *pass,
ret = init_pwqual(handle);
if (ret) {
+ kadm5_free_config_params(handle->context, &handle->params);
k5_kadm5_hook_free_handles(context, handle->hook_handles);
krb5_db_fini(handle->context);
krb5_free_principal(handle->context, handle->current_caller);
_______________________________________________
cvs-krb5 mailing list
cvs-krb5@mit.edu
https://mailman.mit.edu/mailman/listinfo/cvs-krb5
