[351] in Kerberos-V5-bugs
another minor memory leak in kdcr2kkdcr.c
daemon@ATHENA.MIT.EDU (Jim Miller)
Mon Sep 20 15:59:04 1993
From: jim@bilbo.suite.com (Jim Miller)
Date: Mon, 20 Sep 93 14:26:58 -0500
To: krb5-bugs@MIT.EDU
Cc: kerberos@MIT.EDU
Reply-To: Jim_Miller@suite.com
The following is for Kerberos 5 pre-beta3 with KRB_CRED patches applied...
The memory leak only occurs if there is an abnormal exist from the routine.
In the file "lib/asn.1/kdcr2kkdcr2.c", in the function
"element_KRB5_112krb5_pa_data" we see the following code:
for (i = 0, rv = val; rv; rv = rv->next, i++) {
if (qb_pullup(rv->PA__DATA->pa__data) != OK) {
xfree(retval); <- *** leaks if exits after looping
*error = ENOMEM;
return(0);
}
retval[i] = (krb5_pa_data *) xmalloc(sizeof(*retval[i]));
if (!retval[i]) {
krb5_free_pa_data(retval);
*error = ENOMEM;
return(0);
}
.
.
.
If we loop a few times and then exit because of an error detected in qb_pullup,
then some memory doesn't get freed. Not sure how likely this is, but I thought
I'd point it out anyways.
Suggested fix:
if (qb_pullup(rv->PA__DATA->pa__data) != OK) {
! krb5_free_pa_data(retval);
*error = ENOMEM;
return(0);
}
Jim_Miller@suite.com
