diff options
| author | Kevin Wasserman <kevin.wasserman@painless-security.com> | 2012-08-01 18:30:02 -0400 |
|---|---|---|
| committer | Greg Hudson <ghudson@mit.edu> | 2012-08-02 12:22:19 -0400 |
| commit | 4cfdf8da69f52c778af4faaea663981a67634bb6 (patch) | |
| tree | e24d5decd5a2000232f4f137a0b20bfd69c7cfd9 /src | |
| parent | 0543b90234584aa33b857f7ababf0e383663d083 (diff) | |
| download | krb5-4cfdf8da69f52c778af4faaea663981a67634bb6.tar.gz krb5-4cfdf8da69f52c778af4faaea663981a67634bb6.tar.xz krb5-4cfdf8da69f52c778af4faaea663981a67634bb6.zip | |
Fix oid set construction in gss_inquire_cred()
Use gssapi calls to construct the oid sets. It is not safe on windows
to use malloc to hand-construct the set and then call gss_release_oid_set()
to clean it up.
Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com>
ticket: 7227 (new)
tags: pullup
Diffstat (limited to 'src')
| -rw-r--r-- | src/lib/gssapi/mechglue/g_inq_cred.c | 32 |
1 files changed, 10 insertions, 22 deletions
diff --git a/src/lib/gssapi/mechglue/g_inq_cred.c b/src/lib/gssapi/mechglue/g_inq_cred.c index 3c09d6103e..7dab78172d 100644 --- a/src/lib/gssapi/mechglue/g_inq_cred.c +++ b/src/lib/gssapi/mechglue/g_inq_cred.c @@ -123,29 +123,23 @@ gss_OID_set * mechanisms; */ if(mechanisms != NULL) { - status = GSS_S_FAILURE; - mechs = (gss_OID_set) malloc(sizeof(gss_OID_set_desc)); - if (mechs == NULL) - goto error; - mechs->count = 0; - mechs->elements = malloc(sizeof(gss_OID_desc) * - (union_cred ? union_cred->count : 1)); - if (mechs->elements == NULL) + status = gss_create_empty_oid_set(minor_status, &mechs); + if (GSS_ERROR(status)) goto error; if (union_cred) { for (i = 0; i < union_cred->count; i++) { - mechs->elements[i].elements = - malloc(union_cred->mechs_array[i].length); - if (mechs->elements[i].elements == NULL) + status = gss_add_oid_set_member(minor_status, + &union_cred->mechs_array[i], + &mechs); + if (GSS_ERROR(status)) goto error; - g_OID_copy(&mechs->elements[i], &union_cred->mechs_array[i]); - mechs->count++; } } else { - mechs->elements[0].elements = malloc(mech->mech_type.length); - g_OID_copy(&mechs->elements[0], &mech->mech_type); - mechs->count++; + status = gss_add_oid_set_member(minor_status, + &mech->mech_type, &mechs); + if (GSS_ERROR(status)) + goto error; } *mechanisms = mechs; } @@ -153,12 +147,6 @@ gss_OID_set * mechanisms; return(GSS_S_COMPLETE); error: - /* - * cleanup any allocated memory - we can just call - * gss_release_oid_set, because the set is constructed so that - * count always references the currently copied number of - * elements. - */ if (mechs != NULL) (void) gss_release_oid_set(&temp_minor_status, &mechs); |