diff options
| author | Greg Hudson <ghudson@mit.edu> | 2013-03-25 19:17:34 -0400 |
|---|---|---|
| committer | Greg Hudson <ghudson@mit.edu> | 2013-03-26 13:01:29 -0400 |
| commit | 58871c23ee9b5a9201f479127fda65e7fcf06310 (patch) | |
| tree | 4f12cad0173686fd11f5edbbe849b741c739709e | |
| parent | 47ec1ab146334f94b97e6572904a14ad67ee2524 (diff) | |
| download | krb5-proxymech.tar.gz krb5-proxymech.tar.xz krb5-proxymech.zip | |
Fix minor KDC memory leaksproxymech
Fix some small memory leaks which happen only in rare failure
conditions. Reported by Will Fiveash <will.fiveash@oracle.com>.
| -rw-r--r-- | src/kdc/kdc_authdata.c | 24 | ||||
| -rw-r--r-- | src/kdc/kdc_util.c | 4 | ||||
| -rw-r--r-- | src/kdc/main.c | 2 |
3 files changed, 13 insertions, 17 deletions
diff --git a/src/kdc/kdc_authdata.c b/src/kdc/kdc_authdata.c index ed0b28157..5a50a4762 100644 --- a/src/kdc/kdc_authdata.c +++ b/src/kdc/kdc_authdata.c @@ -489,7 +489,8 @@ merge_authdata (krb5_context context, krb5_boolean ignore_kdc_issued) { size_t i, j, nadata = 0; - krb5_authdata **authdata = *out_authdata; + krb5_authdata **in_copy = NULL, **authdata = *out_authdata; + krb5_error_code code; if (in_authdata == NULL || in_authdata[0] == NULL) return 0; @@ -502,24 +503,17 @@ merge_authdata (krb5_context context, for (i = 0; in_authdata[i] != NULL; i++) ; - if (authdata == NULL) { - authdata = (krb5_authdata **)calloc(i + 1, sizeof(krb5_authdata *)); - } else { - authdata = (krb5_authdata **)realloc(authdata, - ((nadata + i + 1) * sizeof(krb5_authdata *))); - } - if (authdata == NULL) - return ENOMEM; - if (copy) { - krb5_error_code code; - krb5_authdata **tmp; - - code = krb5_copy_authdata(context, in_authdata, &tmp); + code = krb5_copy_authdata(context, in_authdata, &in_copy); if (code != 0) return code; + in_authdata = in_copy; + } - in_authdata = tmp; + authdata = realloc(authdata, (nadata + i + 1) * sizeof(krb5_authdata *)); + if (authdata == NULL) { + krb5_free_authdata(context, in_copy); + return ENOMEM; } for (i = 0, j = 0; in_authdata[i] != NULL; i++) { diff --git a/src/kdc/kdc_util.c b/src/kdc/kdc_util.c index 930aa7a5e..4e85f6875 100644 --- a/src/kdc/kdc_util.c +++ b/src/kdc/kdc_util.c @@ -1349,8 +1349,10 @@ kdc_make_s4u2self_rep(krb5_context context, code = add_pa_data_element(context,&padata, &reply_encpart->enc_padata, FALSE); - if (code != 0) + if (code != 0) { + free(padata.contents); goto cleanup; + } } cleanup: diff --git a/src/kdc/main.c b/src/kdc/main.c index 2f08df60d..6c115a9df 100644 --- a/src/kdc/main.c +++ b/src/kdc/main.c @@ -507,6 +507,7 @@ create_workers(verto_ctx *ctx, int num) for (i = 0; i < num; i++) { pid = fork(); if (pid == 0) { + free(pids); if (!verto_reinitialize(ctx)) { krb5_klog_syslog(LOG_ERR, _("Unable to reinitialize main loop")); @@ -524,7 +525,6 @@ create_workers(verto_ctx *ctx, int num) exit(0); /* Return control to main() in the new worker process. */ - free(pids); return 0; } if (pid == -1) { |