[724] in Kerberos-V5-bugs
Memory leak in KDC
daemon@ATHENA.MIT.EDU (Jonathan I. Kamens)
Thu Sep 8 16:06:56 1994
Date: Thu, 8 Sep 1994 16:07:59 -0400
From: "Jonathan I. Kamens" <jik@cam.ov.com>
To: krb5-bugs@MIT.EDU
The function kdc_process_tgs_req in kdc_util.c in the KDC doesn't free
the authdat returned by krb5_rd_req_decoded if it succeeds and there's
an error later.
The (untested) patch below fixes this.
jik
--- kdc/kdc_util.c Sat Jul 16 02:00:59 1994
+++ kdc_util.c Thu Sep 8 16:06:26 1994
@@ -198,7 +198,7 @@
krb5_tkt_authent **ret_authdat;
{
krb5_ap_req *apreq = 0;
- krb5_tkt_authent *authdat, *nauthdat;
+ krb5_tkt_authent *authdat, *nauthdat = 0;
struct kparg who;
krb5_error_code retval = 0;
krb5_checksum our_cksum;
@@ -274,6 +274,7 @@
if (retval) {
apreq->ticket = 0; /* Caller will free the ticket */
+ nauthdat = 0;
goto cleanup;
}
@@ -349,6 +350,8 @@
krb5_free_ap_req(apreq);
if (scratch)
krb5_free_data(scratch);
+ if (retval && nauthdat)
+ krb5_free_tkt_authent(nauthdat);
return retval;
}
