diff options
author | Sam Hartman <hartmans@mit.edu> | 2003-05-27 20:02:50 +0000 |
---|---|---|
committer | Sam Hartman <hartmans@mit.edu> | 2003-05-27 20:02:50 +0000 |
commit | ba8ceb5137aa50310e8d8886aa18c2049bbf977d (patch) | |
tree | f9d84b9d711754cb930ce4b69b666130f124b692 /src/lib | |
parent | 61c7d066f989e1c24ef845d7b89d2d4ac276cfc9 (diff) | |
download | krb5-ba8ceb5137aa50310e8d8886aa18c2049bbf977d.tar.gz krb5-ba8ceb5137aa50310e8d8886aa18c2049bbf977d.tar.xz krb5-ba8ceb5137aa50310e8d8886aa18c2049bbf977d.zip |
Avoid memory leak of server and client principal in
krb5_get_in_tkt_with{_password,_keytab}
Ticket: 1525
Tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15498 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src/lib')
-rw-r--r-- | src/lib/krb5/krb/ChangeLog | 7 | ||||
-rw-r--r-- | src/lib/krb5/krb/gic_keytab.c | 36 | ||||
-rw-r--r-- | src/lib/krb5/krb/gic_pwd.c | 10 |
3 files changed, 52 insertions, 1 deletions
diff --git a/src/lib/krb5/krb/ChangeLog b/src/lib/krb5/krb/ChangeLog index d8b1dbae3d..29fdca9ce9 100644 --- a/src/lib/krb5/krb/ChangeLog +++ b/src/lib/krb5/krb/ChangeLog @@ -1,3 +1,10 @@ +2003-05-27 Sam Hartman <hartmans@mit.edu> + + * gic_keytab.c (krb5_get_in_tkt_with_keytab): as below + + * gic_pwd.c (krb5_get_in_tkt_with_password): Store client and + server principals to avoid memory leak + 2003-05-24 Ken Raeburn <raeburn@mit.edu> * conv_creds.c: New file, moved from krb524/conv_creds.c and diff --git a/src/lib/krb5/krb/gic_keytab.c b/src/lib/krb5/krb/gic_keytab.c index dc8d473951..725b76a284 100644 --- a/src/lib/krb5/krb/gic_keytab.c +++ b/src/lib/krb5/krb/gic_keytab.c @@ -1,3 +1,29 @@ +/* + * lib/krb5/krb/gic_keytab.c + * + * Copyright (C) 2002, 2003 by the Massachusetts Institute of Technology. + * All rights reserved. + * + * Export of this software from the United States of America may + * require a specific license from the United States Government. + * It is the responsibility of any person or organization contemplating + * export to obtain such a license before exporting. + * + * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and + * distribute this software and its documentation for any purpose and + * without fee is hereby granted, provided that the above copyright + * notice appear in all copies and that both that copyright notice and + * this permission notice appear in supporting documentation, and that + * the name of M.I.T. not be used in advertising or publicity pertaining + * to distribution of the software without specific, written prior + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of + * this software for any purpose. It is provided "as is" without express + * or implied warranty. + */ + #include "k5-int.h" static krb5_error_code @@ -127,6 +153,8 @@ krb5_get_in_tkt_with_keytab(krb5_context context, krb5_flags options, krb5_get_init_creds_opt opt; char * server = NULL; krb5_keytab keytab; + krb5_principal client_princ, server_princ; + krb5int_populate_gic_opt(context, &opt, options, addrs, ktypes, pre_auth_types); @@ -140,6 +168,8 @@ krb5_get_in_tkt_with_keytab(krb5_context context, krb5_flags options, retval = krb5_unparse_name( context, creds->server, &server); if (retval) goto cleanup; + server_princ = creds->server; + client_princ = creds->client; retval = krb5_get_init_creds (context, creds, creds->client, krb5_prompter_posix, NULL, @@ -150,6 +180,12 @@ krb5_get_in_tkt_with_keytab(krb5_context context, krb5_flags options, if (retval) { goto cleanup; } + if (creds->server) + krb5_free_principal( context, creds->server); + if (creds->client) + krb5_free_principal( context, creds->client); + creds->client = client_princ; + creds->server = server_princ; /* store it in the ccache! */ if (ccache) diff --git a/src/lib/krb5/krb/gic_pwd.c b/src/lib/krb5/krb/gic_pwd.c index fb5a409730..aa748dbd3d 100644 --- a/src/lib/krb5/krb/gic_pwd.c +++ b/src/lib/krb5/krb/gic_pwd.c @@ -429,6 +429,7 @@ krb5_get_in_tkt_with_password(krb5_context context, krb5_flags options, char pw0array[1024]; krb5_get_init_creds_opt opt; char * server; + krb5_principal server_princ, client_princ; pw0array[0] = '\0'; pw0.data = pw0array; @@ -448,6 +449,8 @@ krb5_get_in_tkt_with_password(krb5_context context, krb5_flags options, retval = krb5_unparse_name( context, creds->server, &server); if (retval) return (retval); + server_princ = creds->server; + client_princ = creds->client; retval = krb5_get_init_creds (context, creds, creds->client, krb5_prompter_posix, NULL, @@ -458,7 +461,12 @@ krb5_get_in_tkt_with_password(krb5_context context, krb5_flags options, if (retval) { return (retval); } - + if (creds->server) + krb5_free_principal( context, creds->server); + if (creds->client) + krb5_free_principal( context, creds->client); + creds->client = client_princ; + creds->server = server_princ; /* store it in the ccache! */ if (ccache) if ((retval = krb5_cc_store_cred(context, ccache, creds))) |