[11781] in Kerberos-V5-bugs


[krbdev.mit.edu #6816] potential memory leak in spnego

daemon@ATHENA.MIT.EDU ("Arlene Berry" via RT)
Sun Nov 7 10:30:54 2010

Mail-followup-to: rt@krbdev.mit.edu
mail-copies-to: never
From: ""Arlene Berry" via RT" <rt-comment@krbdev.MIT.EDU>
In-Reply-To: <rt-6816@krbdev.mit.edu>
Message-ID: <rt-6816-33451.16.2499322422261@krbdev.mit.edu>
To: "'AdminCc of krbdev.mit.edu Ticket #6816'":;"'AdminCc of krbdev.mit.edu Ticket #6816'":;@MIT.EDU
Date: Sun,  7 Nov 2010 10:30:51 -0500 (EST)
Reply-To: rt-comment@krbdev.MIT.EDU
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: krb5-bugs-bounces@mit.edu

In src/lib/gssapi/spnego/spnego_mech.c in init_ctx_new and
acc_ctx_hints, if create_spnego_ctx succeeds but put_mech_set fails, sc
will be leaked.

--- src/lib/gssapi/spnego/spnego_mech.c	(revision 52308)
+++ src/lib/gssapi/spnego/spnego_mech.c	(revision 52309)
@@ -664,10 +664,12 @@
 	 */
 	sc->ctx_handle = GSS_C_NO_CONTEXT;
 	*ctx = (gss_ctx_id_t)sc;
+	sc = NULL;
 	*tokflag = INIT_TOKEN_SEND;
 	ret = GSS_S_CONTINUE_NEEDED;
 
 cleanup:
+	release_spnego_ctx(&sc);
 	gss_release_buffer(&tmpmin, &tmpoutput);
 	gss_delete_sec_context(&tmpmin, &tmpctx, GSS_C_NO_BUFFER);
 	gss_release_oid_set(&tmpmin, mechSet);
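
Review bot: The new release_spnego_ctx(&sc) under cleanup: runs on every exit, including the success path where sc was just set to NULL and any path that jumps to cleanup before sc has been assigned. That is only safe if sc is initialised to NULL at its declaration and release_spnego_ctx is a no-op when *sc is NULL; neither is visible in this hunk, so both should be confirmed. A one-line comment at "sc = NULL;" saying that ownership has passed to *ctx would make the intent clear to later readers.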
@@ -1358,9 +1360,11 @@
 	*return_token = INIT_TOKEN_SEND;
 	sc->firstpass = 1;
 	*ctx = (gss_ctx_id_t)sc;
+	sc = NULL;
 	ret = GSS_S_COMPLETE;
 
 cleanup:
+	release_spnego_ctx(&sc);
 	gss_release_oid_set(&tmpmin, &supported_mechSet);
 
 	return ret;
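
Review bot: The fix depends on the put_mech_set failure branch reaching cleanup: with sc still non-NULL, and that branch is not shown in this hunk; if it returns directly instead of using goto cleanup, the leak described in the report remains. The pair "*ctx = (gss_ctx_id_t)sc;" and "sc = NULL;" should also stay adjacent, because any error exit added between them would free a context the caller already holds through *ctx.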


_______________________________________________
krb5-bugs mailing list
krb5-bugs@mit.edu
https://mailman.mit.edu/mailman/listinfo/krb5-bugs
