summaryrefslogtreecommitdiffstats
path: root/daemons
diff options
context:
space:
mode:
authorMartin Kosek <mkosek@redhat.com>2011-01-12 13:19:21 +0100
committerSimo Sorce <ssorce@redhat.com>2011-01-14 14:33:32 -0500
commit63e70d052c38b63a282be6b837f3805401006b35 (patch)
tree2665af85484e64852c3db800b6528ce00b9f7ef8 /daemons
parentc69d8084c17c5d94240bda9447ed9546159608a5 (diff)
downloadfreeipa-63e70d052c38b63a282be6b837f3805401006b35.tar.gz
freeipa-63e70d052c38b63a282be6b837f3805401006b35.tar.xz
freeipa-63e70d052c38b63a282be6b837f3805401006b35.zip
Potential memory leaks in ipa-kpasswd
This patch fixes 2 situations where a pointer to allocated error string could be overwritten - which could have resulted in a memory leak. https://fedorahosted.org/freeipa/ticket/716
Diffstat (limited to 'daemons')
-rw-r--r--daemons/ipa-kpasswd/ipa_kpasswd.c6
1 files changed, 6 insertions, 0 deletions
diff --git a/daemons/ipa-kpasswd/ipa_kpasswd.c b/daemons/ipa-kpasswd/ipa_kpasswd.c
index dd2b4b857..a8bd80023 100644
--- a/daemons/ipa-kpasswd/ipa_kpasswd.c
+++ b/daemons/ipa-kpasswd/ipa_kpasswd.c
@@ -925,6 +925,9 @@ kpreply:
kdec.data[1] = result_err & 0xff;
memcpy(&kdec.data[2], result_string, strlen(result_string));
+ free(result_string);
+ result_string = NULL;
+
krberr = krb5_auth_con_setaddrs(context, auth_context, &lkaddr, NULL);
if (krberr) {
result_string = strdup("Failed to set local address");
@@ -938,6 +941,9 @@ kpreply:
result_string = strdup("Failed to encrypt reply message");
syslog(LOG_ERR, "%s: %s", result_string,
krb5_get_error_message(context, krberr));
+
+ free(result_string);
+ result_string = NULL;
/* encryption was unsuccessful, let's return a krb error */
/* the ap data is no more useful */