[29653] in CVS-changelog-for-Kerberos-V5
krb5 commit [krb5-1.13]: Fix unlikely leak in sendto_kdc
daemon@ATHENA.MIT.EDU (Tom Yu)
Fri Sep 9 14:50:36 2016
Date: Fri, 9 Sep 2016 14:48:13 -0400
From: Tom Yu <tlyu@mit.edu>
Message-Id: <201609091848.u89ImDOm000428@drugstore.mit.edu>
To: cvs-krb5@mit.edu
Reply-To: krbdev@mit.edu
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: cvs-krb5-bounces@mit.edu
https://github.com/krb5/krb5/commit/c36c4e4b12ed10d2fe4c8c0293e036dff8985758
commit c36c4e4b12ed10d2fe4c8c0293e036dff8985758
Author: Greg Hudson <ghudson@mit.edu>
Date: Tue Jun 28 22:10:35 2016 -0400
Fix unlikely leak in sendto_kdc
If a TCP connection is killed after it allocates the buffer (so is no
longer in READING state), free the buffer during cleanup.
(cherry picked from commit 6895dc9f204520e7f4da8da879cc67c149bc4e6b)
ticket: 8444
version_fixed: 1.13.7
src/lib/krb5/os/sendto_kdc.c | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/src/lib/krb5/os/sendto_kdc.c b/src/lib/krb5/os/sendto_kdc.c
index 3b3b438..9c54d99 100644
--- a/src/lib/krb5/os/sendto_kdc.c
+++ b/src/lib/krb5/os/sendto_kdc.c
@@ -1512,7 +1512,7 @@ cleanup:
closesocket(state->fd);
free_http_tls_data(context, state);
}
- if (state->state == READING && state->in.buf != udpbuf)
+ if (state->in.buf != udpbuf)
free(state->in.buf);
if (callback_info) {
callback_info->pfn_cleanup(callback_info->data,
_______________________________________________
cvs-krb5 mailing list
cvs-krb5@mit.edu
https://mailman.mit.edu/mailman/listinfo/cvs-krb5
