[338] in Kerberos-V5-bugs
minor memory leak in crep2kcrep.c (pre-beta3)
daemon@ATHENA.MIT.EDU (Jim Miller)
Wed Sep 15 18:02:02 1993
From: jim@bilbo.suite.com (Jim Miller)
Date: Wed, 15 Sep 93 16:49:36 -0500
To: krb5-bugs@MIT.EDU
Cc: kerberos@MIT.EDU
Reply-To: Jim_Miller@suite.com
The following code is from crep2kcrep.c, Kerberos 5 version pre-beta3.
However, the same memory leak is present in crep2kcrep.c, Kerberos 5 version
beta2.
krb5_cred_enc_part *
KRB5_EncKrbCredPart2krb5_cred_enc_part(val, error)
const register struct type_KRB5_EncKrbCredPart *val;
register int *error;
{
register krb5_cred_enc_part *retval;
register int i;
register const struct element_KRB5_13 *rv;
retval = (krb5_cred_enc_part *)xmalloc(sizeof(*retval));
if (!retval) {
*error = ENOMEM;
return(0);
}
xbzero((char *)retval, sizeof(*retval));
/* Count ticket_info */
for (i = 0, rv = val->ticket__info; rv; i++, rv = rv->next);
/* plus one for null terminator */
retval->ticket_info = (krb5_cred_info **)
xcalloc(i + 1, sizeof(*retval->ticket_info));
if (!retval->ticket_info) {
nomem:
*error = ENOMEM;
return(0); <- *** returning without freeing retval ***
}
I realize it's not a life threatening memory leak, but I thought you'd like to
know about it anyways.
Suggested fix:
if (!retval->ticket_info) {
- nomem: <- remove the label
*error = ENOMEM;
+ xfree(retval); <- free retval
return(0);
}
.
.
.
if (!retval->ticket_info[i]) {
- krb5_free_cred_enc_part(retval); <- remove this line
+ *error = ENOMEM; <- set error code
! goto errout; <- goto errout instead of nomem
}
Jim_Miller@suite.com
