[30175] in CVS-changelog-for-Kerberos-V5
krb5 commit [krb5-1.16]: Fix memory leak in KDC PKINIT code
daemon@ATHENA.MIT.EDU (Greg Hudson)
Wed May 2 01:27:51 2018
Date: Wed, 2 May 2018 01:25:33 -0400
From: Greg Hudson <ghudson@mit.edu>
Message-Id: <201805020525.w425PXHm030738@drugstore.mit.edu>
To: cvs-krb5@mit.edu
Reply-To: krbdev@mit.edu
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: cvs-krb5-bounces@mit.edu
https://github.com/krb5/krb5/commit/8e4304ec2f56043a1251993d1a527b1a6a97a4c8
commit 8e4304ec2f56043a1251993d1a527b1a6a97a4c8
Author: sashan <anedvedicky@gmail.com>
Date: Tue Feb 20 23:03:36 2018 +0100
Fix memory leak in KDC PKINIT code
Commit e5c77a11341a79e6af1e5aef7c587a5b75a9e378 introduced a memory
leak of the client public key in server_process_dh(). Free
client_pubkey on success as well as failure.
(cherry picked from commit cefc250efd71515dd665b606bcb993e617068758)
ticket: 8644
version_fixed: 1.16.1
src/plugins/preauth/pkinit/pkinit_crypto_openssl.c | 1 +
1 files changed, 1 insertions(+), 0 deletions(-)
diff --git a/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c b/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c
index ac107c2..0c8dd7e 100644
--- a/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c
+++ b/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c
@@ -2979,6 +2979,7 @@ server_process_dh(krb5_context context,
retval = 0;
+ BN_free(client_pubkey);
if (dh_server != NULL)
DH_free(dh_server);
return retval;
_______________________________________________
cvs-krb5 mailing list
cvs-krb5@mit.edu
https://mailman.mit.edu/mailman/listinfo/cvs-krb5
