Don't leak the reply key's memory during PKINIT

author: Nalin Dahyabhai <nalin@dahyabhai.net> 2013-07-09 17:20:27 -0400
committer: Greg Hudson <ghudson@mit.edu> 2013-07-15 10:57:56 -0400
commit: 40d61fe580a57d63987c4e2b8eecd9f0ed1f1189 (patch)
tree: 76d9fa5a341050b8791c58ed238c27c60203c306 /src/plugins/preauth
parent: 443193a040b9c2fa8668ca85fda505c92d3facfe (diff)
download: krb5-40d61fe580a57d63987c4e2b8eecd9f0ed1f1189.tar.gz
krb5-40d61fe580a57d63987c4e2b8eecd9f0ed1f1189.tar.xz
krb5-40d61fe580a57d63987c4e2b8eecd9f0ed1f1189.zip
1 files changed, 3 insertions, 1 deletions
diff --git a/src/plugins/preauth/pkinit/pkinit_clnt.c b/src/plugins/preauth/pkinit/pkinit_clnt.c
index ff564ff86b..5db24dad37 100644
--- a/src/plugins/preauth/pkinit/pkinit_clnt.c
+++ b/src/plugins/preauth/pkinit/pkinit_clnt.c
@@ -1130,8 +1130,10 @@ pkinit_client_process(krb5_context context, krb5_clpreauth_moddata moddata,
         retval = pa_pkinit_parse_rep(context, plgctx, reqctx, request,
                                      in_padata, enctype, &as_key,
                                      encoded_previous_request);
-        if (retval == 0)
+        if (retval == 0) {
             retval = cb->set_as_key(context, rock, &as_key);
+            krb5_free_keyblock_contents(context, &as_key);
+        }
     }
 
     pkiDebug("pkinit_client_process: returning %d (%s)\n",
author	Nalin Dahyabhai <nalin@dahyabhai.net>	2013-07-09 17:20:27 -0400
committer	Greg Hudson <ghudson@mit.edu>	2013-07-15 10:57:56 -0400
commit	40d61fe580a57d63987c4e2b8eecd9f0ed1f1189 (patch)
tree	76d9fa5a341050b8791c58ed238c27c60203c306 /src/plugins/preauth
parent	443193a040b9c2fa8668ca85fda505c92d3facfe (diff)
download	krb5-40d61fe580a57d63987c4e2b8eecd9f0ed1f1189.tar.gz krb5-40d61fe580a57d63987c4e2b8eecd9f0ed1f1189.tar.xz krb5-40d61fe580a57d63987c4e2b8eecd9f0ed1f1189.zip