From 63e70d052c38b63a282be6b837f3805401006b35 Mon Sep 17 00:00:00 2001
From: Martin Kosek <mkosek@redhat.com>
Date: Wed, 12 Jan 2011 13:19:21 +0100
Subject: Potential memory leaks in ipa-kpasswd

This patch fixes 2 situations where a pointer to allocated error
string could be overwritten - which could have resulted in
a memory leak.

https://fedorahosted.org/freeipa/ticket/716
---
 daemons/ipa-kpasswd/ipa_kpasswd.c | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/daemons/ipa-kpasswd/ipa_kpasswd.c b/daemons/ipa-kpasswd/ipa_kpasswd.c
index dd2b4b857..a8bd80023 100644
--- a/daemons/ipa-kpasswd/ipa_kpasswd.c
+++ b/daemons/ipa-kpasswd/ipa_kpasswd.c
@@ -925,6 +925,9 @@ kpreply:
 	kdec.data[1] = result_err & 0xff;
 	memcpy(&kdec.data[2], result_string, strlen(result_string));
 
+	free(result_string);
+	result_string = NULL;
+
 	krberr = krb5_auth_con_setaddrs(context, auth_context, &lkaddr, NULL);
 	if (krberr) {
 		result_string = strdup("Failed to set local address");
@@ -938,6 +941,9 @@ kpreply:
 		result_string = strdup("Failed to encrypt reply message");
 		syslog(LOG_ERR, "%s: %s", result_string, 
 			krb5_get_error_message(context, krberr));
+
+		free(result_string);
+		result_string = NULL;
 		/* encryption was unsuccessful, let's return a krb error */
 
 		/* the ap data is no more useful */
-- 
cgit