summaryrefslogtreecommitdiffstats
path: root/src/lib/krb5
diff options
context:
space:
mode:
authorTom Yu <tlyu@mit.edu>2004-09-21 20:48:39 +0000
committerTom Yu <tlyu@mit.edu>2004-09-21 20:48:39 +0000
commit5669bf57b928d5494bfbd4162791371fbe78127f (patch)
treec9435736c2184d65829b556cbbec2de68cab669a /src/lib/krb5
parent3170edb46d86cda141bc07a845350d2b366bcb87 (diff)
downloadkrb5-5669bf57b928d5494bfbd4162791371fbe78127f.tar.gz
krb5-5669bf57b928d5494bfbd4162791371fbe78127f.tar.xz
krb5-5669bf57b928d5494bfbd4162791371fbe78127f.zip
memory leak in rd_cred.c
* rd_cred.c (decrypt_credencdata): Clear and free ppart to avoid leak. Reported by Derrick Schommer. ticket: new git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16772 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src/lib/krb5')
-rw-r--r--src/lib/krb5/krb/ChangeLog5
-rw-r--r--src/lib/krb5/krb/rd_cred.c6
2 files changed, 10 insertions, 1 deletions
diff --git a/src/lib/krb5/krb/ChangeLog b/src/lib/krb5/krb/ChangeLog
index c8ef25821..c16ad787a 100644
--- a/src/lib/krb5/krb/ChangeLog
+++ b/src/lib/krb5/krb/ChangeLog
@@ -1,3 +1,8 @@
+2004-09-21 Tom Yu <tlyu@mit.edu>
+
+ * rd_cred.c (decrypt_credencdata): Clear and free ppart to avoid
+ leak, reported by Derrick Schommer.
+
2004-08-31 Tom Yu <tlyu@mit.edu>
* rd_rep.c:
diff --git a/src/lib/krb5/krb/rd_cred.c b/src/lib/krb5/krb/rd_cred.c
index 11be47f05..a29eb0522 100644
--- a/src/lib/krb5/krb/rd_cred.c
+++ b/src/lib/krb5/krb/rd_cred.c
@@ -14,7 +14,7 @@
static krb5_error_code
decrypt_credencdata(krb5_context context, krb5_cred *pcred, krb5_keyblock *pkeyblock, krb5_cred_enc_part *pcredenc)
{
- krb5_cred_enc_part * ppart;
+ krb5_cred_enc_part * ppart = NULL;
krb5_error_code retval;
krb5_data scratch;
@@ -39,6 +39,10 @@ decrypt_credencdata(krb5_context context, krb5_cred *pcred, krb5_keyblock *pkeyb
retval = 0;
cleanup:
+ if (ppart != NULL) {
+ memset(ppart, 0, sizeof(*ppart));
+ krb5_xfree(ppart);
+ }
memset(scratch.data, 0, scratch.length);
krb5_xfree(scratch.data);