[16051] in Kerberos-V5-bugs
[krbdev.mit.edu #8698] Resource leak in aname_replacer()
daemon@ATHENA.MIT.EDU (Bean Zhang via RT)
Fri Jun 15 10:53:44 2018
Mail-followup-to: rt@krbdev.mit.edu
mail-copies-to: never
From: "Bean Zhang via RT" <rt-comment@KRBDEV-PROD-APP-1.mit.edu>
In-Reply-To: <rt-8698@krbdev.mit.edu>
Message-ID: <rt-8698-48636.15.4401427508243@krbdev.mit.edu>
To: "'AdminCc of krbdev.mit.edu Ticket #8698'":;
Date: Fri, 15 Jun 2018 10:51:20 -0400 (EDT)
Reply-To: rt-comment@KRBDEV-PROD-APP-1.mit.edu
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: krb5-bugs-bounces@mit.edu
Hi Team,
aname_replacer() in krb5-1.16.1/src/lib/krb5/os/localauth_rule.c
assigns a allocated memory by calling strdup() to pointer current,
later if runs into any "goto cleanup", the allocated momory
"current" points to will not be freed when leaves this function.
The fix is to call free(current) before "goto cleanup".
Could someone help to take a look?
Thanks,
Bean
_______________________________________________
krb5-bugs mailing list
krb5-bugs@mit.edu
https://mailman.mit.edu/mailman/listinfo/krb5-bugs