[16049] in Kerberos-V5-bugs

home help back first fref pref prev next nref lref last post

[krbdev.mit.edu #8699] Resource leak in k5_os_hostaddr()

daemon@ATHENA.MIT.EDU (Bean Zhang via RT)
Fri Jun 15 10:51:25 2018

Mail-followup-to: rt@krbdev.mit.edu
mail-copies-to: never
From: "Bean Zhang via RT" <rt-comment@KRBDEV-PROD-APP-1.mit.edu>
In-Reply-To: <rt-8699@krbdev.mit.edu>
Message-ID: <rt-8699-48637.13.982843803326@krbdev.mit.edu>
To: "'AdminCc of krbdev.mit.edu Ticket #8699'":;
Date: Fri, 15 Jun 2018 10:51:20 -0400 (EDT)
Reply-To: rt-comment@KRBDEV-PROD-APP-1.mit.edu
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: krb5-bugs-bounces@mit.edu

Hi Team,

k5_os_hostaddr() in krb5-1.16.1/src/lib/krb5/os/hostaddr.c
calls getaddrinfo(name, 0, &hints, &ai) to get the addr info and store allocated memory to pointer "ai"
later if fails to call malloc((i+1) * sizeof(*addrs)), function directly return without freeing the storage ai points to.

The fix is to call "retval = ENOMEM; goto errout;" instead of "return ENOMEM;"

Could someone help to take a look?

Thanks,
Bean

_______________________________________________
krb5-bugs mailing list
krb5-bugs@mit.edu
https://mailman.mit.edu/mailman/listinfo/krb5-bugs

home help back first fref pref prev next nref lref last post