[16857] in Kerberos-V5-bugs
[krbdev.mit.edu #9065] git commit
daemon@ATHENA.MIT.EDU (Greg Hudson via RT)
Tue Nov 15 11:32:40 2022
From: "Greg Hudson via RT" <rt@krbdev.mit.edu>
In-Reply-To:
Message-ID: <rt-4.4.3-2-489399-1668529922-625.9065-5-0@mit.edu>
To: "AdminCc of krbdev.mit.edu Ticket #9065":;
Date: Tue, 15 Nov 2022 11:32:02 -0500
MIME-Version: 1.0
Reply-To: rt@krbdev.mit.edu
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: krb5-bugs-bounces@mit.edu
<URL: https://krbdev.mit.edu/rt/Ticket/Display.html?id=9065 >
Fix uncommon PKINIT memory leak
PKINIT per-request module data objects are normally created by
pkinit_server_verify_padata() and freed by
pkinit_server_return_padata(). In some unusual circumstances, the KDC
may not call the return_padata method after verification succeeds.
Add a free_modreq method and free the object there instead.
[ghudson@mit.edu: rewrote commit message]
(cherry picked from commit 883415036a4b4e0372b84a5a6e46c10b3a67aba0)
https://github.com/krb5/krb5/commit/440c974aee745cd435d5cecc8976d7679ae1f7a6
Author: sashan <anedvedicky@gmail.com>
Committer: Greg Hudson <ghudson@mit.edu>
Commit: 440c974aee745cd435d5cecc8976d7679ae1f7a6
Branch: krb5-1.20
src/plugins/preauth/pkinit/pkinit_srv.c | 9 ++++++++-
1 file changed, 8 insertions(+), 1 deletion(-)
_______________________________________________
krb5-bugs mailing list
krb5-bugs@mit.edu
https://mailman.mit.edu/mailman/listinfo/krb5-bugs
