diff options
| author | Martin Kosek <mkosek@redhat.com> | 2011-01-12 13:19:21 +0100 |
|---|---|---|
| committer | Simo Sorce <ssorce@redhat.com> | 2011-01-14 14:33:32 -0500 |
| commit | 63e70d052c38b63a282be6b837f3805401006b35 (patch) | |
| tree | 2665af85484e64852c3db800b6528ce00b9f7ef8 /daemons | |
| parent | c69d8084c17c5d94240bda9447ed9546159608a5 (diff) | |
| download | freeipa-63e70d052c38b63a282be6b837f3805401006b35.tar.gz freeipa-63e70d052c38b63a282be6b837f3805401006b35.tar.xz freeipa-63e70d052c38b63a282be6b837f3805401006b35.zip | |
Potential memory leaks in ipa-kpasswd
This patch fixes 2 situations where a pointer to allocated error
string could be overwritten - which could have resulted in
a memory leak.
https://fedorahosted.org/freeipa/ticket/716
Diffstat (limited to 'daemons')
| -rw-r--r-- | daemons/ipa-kpasswd/ipa_kpasswd.c | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/daemons/ipa-kpasswd/ipa_kpasswd.c b/daemons/ipa-kpasswd/ipa_kpasswd.c index dd2b4b857..a8bd80023 100644 --- a/daemons/ipa-kpasswd/ipa_kpasswd.c +++ b/daemons/ipa-kpasswd/ipa_kpasswd.c @@ -925,6 +925,9 @@ kpreply: kdec.data[1] = result_err & 0xff; memcpy(&kdec.data[2], result_string, strlen(result_string)); + free(result_string); + result_string = NULL; + krberr = krb5_auth_con_setaddrs(context, auth_context, &lkaddr, NULL); if (krberr) { result_string = strdup("Failed to set local address"); @@ -938,6 +941,9 @@ kpreply: result_string = strdup("Failed to encrypt reply message"); syslog(LOG_ERR, "%s: %s", result_string, krb5_get_error_message(context, krberr)); + + free(result_string); + result_string = NULL; /* encryption was unsuccessful, let's return a krb error */ /* the ap data is no more useful */ |