[16763] in Kerberos-V5-bugs


[krbdev.mit.edu #9016] git commit

daemon@ATHENA.MIT.EDU (Greg Hudson via RT)
Wed Jul 21 14:32:42 2021

From: "Greg Hudson via RT" <rt@krbdev.mit.edu>
In-Reply-To: 
Message-ID: <rt-4.4.3-2-1027068-1626892346-1646.9016-5-0@mit.edu>
To: "AdminCc of krbdev.mit.edu Ticket #9016":;
Date: Wed, 21 Jul 2021 14:32:26 -0400
MIME-Version: 1.0
Reply-To: rt@krbdev.mit.edu
Content-Type: text/plain; charset="utf-8"
Errors-To: krb5-bugs-bounces@mit.edu
Content-Transfer-Encoding: 8bit


<URL: https://krbdev.mit.edu/rt/Ticket/Display.html?id=9016 >


Fix defcred leak in krb5 gss_inquire_cred()

Commit 1cd2821c19b2b95e39d5fc2f451a035585a40fa5 altered the memory
management of krb5_gss_inquire_cred(), introducing defcred to act as
an owner pointer when the function must acquire a default credential.
The commit neglected to update the code to release the default cred
along the successful path.  The old code does not trigger because
cred_handle is now reassigned, so the default credential is leaked.

Reported by Pavel Březina.

(a minimal alternative to commit 593e16448e1af23eef74689afe06a7bcc86e79c7)

https://github.com/krb5/krb5/commit/098f874f3b50dd2c46c0a574677324b5f6f3a1a8
Author: Greg Hudson <ghudson@mit.edu>
Commit: 098f874f3b50dd2c46c0a574677324b5f6f3a1a8
Branch: krb5-1.19
 src/lib/gssapi/krb5/inq_cred.c |    4 +---
 1 files changed, 1 insertions(+), 3 deletions(-)

_______________________________________________
krb5-bugs mailing list
krb5-bugs@mit.edu
https://mailman.mit.edu/mailman/listinfo/krb5-bugs
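
The leak pattern the commit message describes, as an added C model that is not part of the original message or the krb5 source. All names here (`cred_t`, the fixed pool, `inquire()` and its `fixed` flag) are hypothetical, and the pool stands in for the real allocator so live credentials can be counted.

```c
#include <stddef.h>
#include <stdio.h>

/* Constructed model, not krb5 source: a fixed pool stands in for the allocator. */
typedef struct { int in_use; int lifetime; } cred_t;
static cred_t pool[8];

static cred_t *acquire_default_cred(void) {
    for (size_t i = 0; i < 8; i++)
        if (!pool[i].in_use) {
            pool[i].in_use = 1;
            pool[i].lifetime = 3600;
            return &pool[i];
        }
    return NULL;
}

static void release_cred(cred_t **c) {      /* safe to call on a NULL owner */
    if (*c != NULL) { (*c)->in_use = 0; *c = NULL; }
}

static int live_creds(void) {               /* credentials not yet released */
    int n = 0;
    for (size_t i = 0; i < 8; i++) n += pool[i].in_use;
    return n;
}

/* fixed != 0 selects the corrected cleanup; 0 keeps the stale check. */
static int inquire(cred_t *cred_handle, int fixed, int *lifetime) {
    cred_t *defcred = NULL;                  /* owner pointer for a default cred */
    if (cred_handle == NULL) {
        if ((defcred = acquire_default_cred()) == NULL) return -1;
        cred_handle = defcred;               /* handle is no longer NULL */
    }
    *lifetime = cred_handle->lifetime;
    if (fixed)
        release_cred(&defcred);              /* release through the owner */
    else if (cred_handle == NULL)            /* stale test: never true here */
        release_cred(&defcred);
    return 0;
}

int main(void) {
    int lt;
    inquire(NULL, 0, &lt);
    printf("stale check:   %d live\n", live_creds());
    inquire(NULL, 1, &lt);
    printf("owner release: %d live\n", live_creds());
    return 0;
}
```

Releasing through the owner pointer is also correct when the caller passes its own credential, because the owner stays NULL and the release is a no-op.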

