diff options
author | Lukas Slebodnik <lslebodn@redhat.com> | 2014-04-08 10:56:22 +0200 |
---|---|---|
committer | Jakub Hrozek <jhrozek@redhat.com> | 2014-04-08 14:12:23 +0200 |
commit | 47bc2d6639c41da1e5bac37eb4af3559bbc0e10e (patch) | |
tree | 0bc82e199cf373bead318d8d32d768d446e26da0 /src/providers/ldap/ldap_child.c | |
parent | dce1791fc357bebf938f9af93d7e0ec72ac7f719 (diff) | |
download | sssd-47bc2d6639c41da1e5bac37eb4af3559bbc0e10e.tar.gz sssd-47bc2d6639c41da1e5bac37eb4af3559bbc0e10e.tar.xz sssd-47bc2d6639c41da1e5bac37eb4af3559bbc0e10e.zip |
krb5_child: Fix use after free in debug message
debug_prg_name is used in debug_fn and it was allocated under
talloc context "kr". The variable "kr" was removed before the last debug
messages in function main. It is very little change that it will be overridden.
It is possible to see this issue with exported environment variable
TALLOC_FREE_FILL=255
Reviewed-by: Sumit Bose <sbose@redhat.com>
Diffstat (limited to 'src/providers/ldap/ldap_child.c')
-rw-r--r-- | src/providers/ldap/ldap_child.c | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/src/providers/ldap/ldap_child.c b/src/providers/ldap/ldap_child.c index 34f23ec80..0e5e1614a 100644 --- a/src/providers/ldap/ldap_child.c +++ b/src/providers/ldap/ldap_child.c @@ -462,6 +462,7 @@ int main(int argc, const char *argv[]) debug_prg_name = talloc_asprintf(NULL, "[sssd[ldap_child[%d]]]", getpid()); if (!debug_prg_name) { + debug_prg_name = "[sssd[ldap_child]]"; DEBUG(SSSDBG_CRIT_FAILURE, "talloc_asprintf failed.\n"); goto fail; } |