[31179] in CVS-changelog-for-Kerberos-V5

home	help	back	first	fref	pref	prev	next	nref	lref	last	post

krb5 commit [krb5-1.20]: Fix memory leak in SPAKE kdcpreauth module

daemon@ATHENA.MIT.EDU (ghudson@mit.edu)
Tue Nov 15 11:31:52 2022

From: ghudson@mit.edu
To: <cvs-krb5@mit.edu>
Message-ID: <20221115163127.C98EF102FB9@krbdev.mit.edu>
Date: Tue, 15 Nov 2022 11:31:27 -0500 (EST)
MIME-Version: 1.0
Reply-To: krbdev@mit.edu
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: cvs-krb5-bounces@mit.edu

https://github.com/krb5/krb5/commit/a7a99db31c532c5616814853354a048fc865df06
commit a7a99db31c532c5616814853354a048fc865df06
Author: sashan <anedvedicky@gmail.com>
Date:   Thu May 26 08:51:10 2022 +0200

    Fix memory leak in SPAKE kdcpreauth module
    
    Commit ff57dc682a27bd205d715f3c0bed84890f2453c4 introduced a memory
    leak into verify_response().  reply_key is no longer passed to the
    callback and therefore needs to be freed by this function.
    
    [ghudson@mit.edu: rewrote commit message]
    
    (cherry picked from commit 445e1b32767af3041ffd1823996d05ffec6fc9d5)
    
    ticket: 9061
    version_fixed: 1.20.1

 src/plugins/preauth/spake/spake_kdc.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/src/plugins/preauth/spake/spake_kdc.c b/src/plugins/preauth/spake/spake_kdc.c
index 687cdc9e0..1a772d450 100644
--- a/src/plugins/preauth/spake/spake_kdc.c
+++ b/src/plugins/preauth/spake/spake_kdc.c
@@ -469,6 +469,7 @@ cleanup:
     zapfree(spakeresult.data, spakeresult.length);
     krb5_free_data_contents(context, &thash);
     krb5_free_keyblock(context, k1);
+    krb5_free_keyblock(context, reply_key);
     k5_free_spake_factor(context, factor);
     (*respond)(arg, ret, NULL, NULL, NULL);
 }
_______________________________________________
cvs-krb5 mailing list
cvs-krb5@mit.edu
https://mailman.mit.edu/mailman/listinfo/cvs-krb5

home	help	back	first	fref	pref	prev	next	nref	lref	last	post