[17242] in Kerberos_V5_Development
Re: [PATCH 4/4] Use gssalloc_malloc()/gssalloc_free() with
daemon@ATHENA.MIT.EDU (Kevin Wasserman)
Mon Oct 3 10:51:41 2011
Message-ID: <SNT101-DS105DDE5433073C9363DCBBB5FA0@phx.gbl>
From: "Kevin Wasserman" <krwasserman@hotmail.com>
To: "Nico Williams" <nico@cryptonector.com>,
"Sam Hartman" <hartmans@painless-security.com>
In-Reply-To: <SNT101-DS1716FE0A86E42F3FC3BA43B5F10@phx.gbl>
Date: Mon, 3 Oct 2011 10:51:32 -0400
MIME-Version: 1.0
Content-Type: multipart/mixed;
boundary="----=_NextPart_000_0150_01CC81BA.6A0F27A0"
Cc: krbdev@mit.edu
Errors-To: krbdev-bounces@mit.edu
This is a multi-part message in MIME format.
------=_NextPart_000_0150_01CC81BA.6A0F27A0
Content-Type: text/plain; format=flowed; charset="utf-8"; reply-type=response
Content-Transfer-Encoding: 7bit
Revised patch attached; it fixes gss-server.c to correctly use
malloc/free/gss_release_buffer as appropriate; no changes
were necessary for gss-client.c or gss-misc.c.
-----Original Message-----
From: Kevin Wasserman
Sent: Wednesday, September 28, 2011 5:37 PM
To: Nico Williams ; Sam Hartman
Cc: krbdev@mit.edu ; kevin.wasserman@painless-security.com
Subject: Re: [PATCH 4/4] Use gssalloc_malloc()/gssalloc_free() with
gss_buffer_t.
Yes, sorry, I was just trying to consistently use gssalloc with all
gss_buffer_t; I'll fix the gss_sample applications to just use
malloc/free/gss_release_buffer as appropriate.
-Kevin
-----Original Message-----
From: Nico Williams
Sent: Wednesday, September 28, 2011 5:03 PM
To: Sam Hartman
Cc: krbdev@mit.edu ; kevin.wasserman@painless-security.com
Subject: Re: [PATCH 4/4] Use gssalloc_malloc()/gssalloc_free() with
gss_buffer_t.
On Wed, Sep 28, 2011 at 2:50 PM, Sam Hartman
<hartmans@painless-security.com> wrote:
> From: Kevin Wasserman <kevin.wasserman@painless-security.com>
>
> gss_buffer_t may be freed in a different module from where they
> are allocated so it is not safe to use malloc/free.
>
> Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com>
...
> diff --git a/src/appl/gss-sample/gss-client.c
> b/src/appl/gss-sample/gss-client.c
> index 1cb797d..927681f 100644
> --- a/src/appl/gss-sample/gss-client.c
> +++ b/src/appl/gss-sample/gss-client.c
> @@ -65,6 +65,7 @@
>
> #include <gssapi/gssapi_generic.h>
> #include <gssapi/gssapi_krb5.h>
> +#include <gssapi/gssapi_alloc.h>
> #include <gssapi/gssapi_ext.h>
> #include "gss-misc.h"
> #include "port-sockets.h"
> @@ -308,7 +309,7 @@ client_establish_context(int s, char *service_name,
> OM_uint32 gss_flags,
> NULL); /* time_rec */
>
> if (token_ptr != GSS_C_NO_BUFFER)
> - free(recv_tok.value);
> + gssalloc_free(recv_tok.value);
Er, no, none of the apps should be using new functions, only
gss_release_buffer() when they were free()ing (or, free() when they
were using gss_release_buffer() for application-allocated buffers).
Nico
--
------=_NextPart_000_0150_01CC81BA.6A0F27A0
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
_______________________________________________
krbdev mailing list krbdev@mit.edu
https://mailman.mit.edu/mailman/listinfo/krbdev
------=_NextPart_000_0150_01CC81BA.6A0F27A0--
