[30004] in CVS-changelog-for-Kerberos-V5


krb5 commit [krb5-1.15]: Free GSS checksum data deterministically

daemon@ATHENA.MIT.EDU (Greg Hudson)
Mon Jul 17 23:04:17 2017

Date: Mon, 17 Jul 2017 22:59:35 -0400
From: Greg Hudson <ghudson@mit.edu>
Message-Id: <201707180259.v6I2xZcM032443@drugstore.mit.edu>
To: cvs-krb5@mit.edu
Reply-To: krbdev@mit.edu
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: cvs-krb5-bounces@mit.edu

https://github.com/krb5/krb5/commit/99ae7efbb9b332123e6d0918ee98c0c961accba7
commit 99ae7efbb9b332123e6d0918ee98c0c961accba7
Author: Tomas Kuthan <tkuthan@gmail.com>
Date:   Tue May 16 11:24:40 2017 +0200

    Free GSS checksum data deterministically
    
    In the normal course of execution, md5.contents allocated by
    kg_checksum_channel_bindings() in make_ap_req_v1() is freed in
    make_gss_checksum().  But when there is a failure in
    krb5_mk_req_extended() or in make_gss_checksum() before free is
    called, the memory leaks.
    
    This patch frees the memory unconditionally in make_ap_req_v1().
    
    (cherry picked from commit 29337e7c7b796685fb6a03466d32147e17aa2d16)
    
    ticket: 8584
    version_fixed: 1.15.2

 src/lib/gssapi/krb5/init_sec_context.c |    4 +---
 1 files changed, 1 insertions(+), 3 deletions(-)

diff --git a/src/lib/gssapi/krb5/init_sec_context.c b/src/lib/gssapi/krb5/init_sec_context.c
index 70f7955..2a7467f 100644
--- a/src/lib/gssapi/krb5/init_sec_context.c
+++ b/src/lib/gssapi/krb5/init_sec_context.c
@@ -355,9 +355,6 @@ make_gss_checksum (krb5_context context, krb5_auth_context auth_context,
     TWRITE_STR(ptr, data->md5.contents, data->md5.length);
     TWRITE_INT(ptr, data->ctx->gss_flags, 0);
 
-    /* done with this, free it */
-    xfree(data->md5.contents);
-
     if (credmsg.data) {
         TWRITE_INT16(ptr, KRB5_GSS_FOR_CREDS_OPTION, 0);
         TWRITE_INT16(ptr, credmsg.length, 0);
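Review bot: With the xfree() and its "done with this, free it" comment removed after the TWRITE_INT of gss_flags, nothing in make_gss_checksum() says who owns data->md5.contents any more. A one-line comment at the TWRITE_STR of data->md5.contents, stating that the buffer is only read here and that the caller (make_ap_req_v1()) frees it, would keep a later change from reintroducing a free in this function and turning the leak fix into a double free.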
@@ -429,6 +426,7 @@ make_ap_req_v1(context, ctx, cred, k_cred, ad_context,
     code = krb5_mk_req_extended(context, &ctx->auth_context, mk_req_flags,
                                 NULL, k_cred, &ap_req);
     krb5_auth_con_set_authdata_context(context, ctx->auth_context, NULL);
+    krb5_free_checksum_contents(context, &cksum_struct.md5);
     krb5_free_data_contents(context, &cksum_struct.checksum_data);
     if (code)
         goto cleanup;
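Review bot: The new krb5_free_checksum_contents() call sits on the straight-line path right after krb5_mk_req_extended(), ahead of "if (code) goto cleanup;", so it covers a failure of that call and of the checksum callback, but only exits that pass through this line. If any error path between the kg_checksum_channel_bindings() allocation and this point jumps to cleanup, md5.contents would still leak; those lines are not in the hunk, so it is worth confirming, or moving this free and the adjacent krb5_free_data_contents() under the cleanup label with cksum_struct zero-initialized so every exit is covered.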