[922] in Kerberos_V5_Development
Re: decode_krb5_* leak memory on bad packets
daemon@ATHENA.MIT.EDU (Theodore Ts'o)
Tue Sep 12 14:10:40 1995
Date: Tue, 12 Sep 1995 14:10:28 -0400
From: Theodore Ts'o <tytso@MIT.EDU>
To: "Mark W. Eichin" <eichin@MIT.EDU>
Cc: krbdev@MIT.EDU
In-Reply-To: Mark W. Eichin's message of Mon, 11 Sep 95 23:04:24 -0400,
<9509120304.AA00974@perdiem.cygnus.com>
Date: Mon, 11 Sep 95 23:04:24 -0400
From: "Mark W. Eichin" <eichin@MIT.EDU>
A possible solution is to add a rep and type (or name of free
function) argument to the check_apptag macro, and change it to call
the appropriate top-level free routine in case of failure. This makes
the macros a bit messier, but perhaps not too much. Comments? In
particular, should the decode_krb5_* functions change, or the callers?
The decode_krb5_* functions should change, I think. In general, the
memory allocation discpline which we use says that in case of an error,
it's the library function's responsibility for freeing any partially
allocated output field, not the caller's responsibility. Things are
much simpler that way, and in the long run it'll be less work to do it
in the function call, instead of trying to track down all of its callers
and trying to do it there.
- Ted
