[31537] in CVS-changelog-for-Kerberos-V5
krb5 commit: Fix error handling in KDC PAC processing
daemon@ATHENA.MIT.EDU (ghudson@mit.edu)
Tue May 19 02:25:36 2026
From: ghudson@mit.edu
To: cvs-krb5@mit.edu
Message-Id: <20260519062529.1ACE7105519@krbdev.mit.edu>
Date: Tue, 19 May 2026 02:25:29 -0400 (EDT)
MIME-Version: 1.0
Reply-To: krbdev@mit.edu
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: cvs-krb5-bounces@mit.edu
https://github.com/krb5/krb5/commit/f6e2c397ceda6467ebbaab8ed66d4895c9f1d6a7
commit f6e2c397ceda6467ebbaab8ed66d4895c9f1d6a7
Author: TristanInSec <tristan.mtn@gmail.com>
Date: Mon May 18 11:56:34 2026 -0400
Fix error handling in KDC PAC processing
When get_pac_princ_with_realm() detects the wrong number of '@'
characters, return an error instead of 0. When it encounters an error
from krb5_parse_name_flags(), do not leak client_str.
[ghudson@mit.edu: fixed memory leak; rewrote commit message]
ticket: 9212 (new)
tags: pullup
target_version: 1.22-next
src/kdc/kdc_util.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/kdc/kdc_util.c b/src/kdc/kdc_util.c
index 6f88afa2d..33b803fa9 100644
--- a/src/kdc/kdc_util.c
+++ b/src/kdc/kdc_util.c
@@ -665,13 +665,13 @@ get_pac_princ_with_realm(krb5_context context, krb5_pac pac,
ret = krb5_parse_name_flags(context, client_str, flags, princ_out);
if (ret)
- return ret;
+ goto cleanup;
(*princ_out)->type = KRB5_NT_MS_PRINCIPAL;
cleanup:
free(client_str);
- return 0;
+ return ret;
}
/* This probably wants to be updated if you support last_req stuff */
_______________________________________________
cvs-krb5 mailing list
cvs-krb5@mit.edu
https://mailman.mit.edu/mailman/listinfo/cvs-krb5
