diff options
author | Tom Yu <tlyu@mit.edu> | 2004-09-21 20:48:39 +0000 |
---|---|---|
committer | Tom Yu <tlyu@mit.edu> | 2004-09-21 20:48:39 +0000 |
commit | 5669bf57b928d5494bfbd4162791371fbe78127f (patch) | |
tree | c9435736c2184d65829b556cbbec2de68cab669a /src/lib/krb5 | |
parent | 3170edb46d86cda141bc07a845350d2b366bcb87 (diff) | |
download | krb5-5669bf57b928d5494bfbd4162791371fbe78127f.tar.gz krb5-5669bf57b928d5494bfbd4162791371fbe78127f.tar.xz krb5-5669bf57b928d5494bfbd4162791371fbe78127f.zip |
memory leak in rd_cred.c
* rd_cred.c (decrypt_credencdata): Clear and free ppart to avoid
leak. Reported by Derrick Schommer.
ticket: new
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16772 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src/lib/krb5')
-rw-r--r-- | src/lib/krb5/krb/ChangeLog | 5 | ||||
-rw-r--r-- | src/lib/krb5/krb/rd_cred.c | 6 |
2 files changed, 10 insertions, 1 deletions
diff --git a/src/lib/krb5/krb/ChangeLog b/src/lib/krb5/krb/ChangeLog index c8ef25821..c16ad787a 100644 --- a/src/lib/krb5/krb/ChangeLog +++ b/src/lib/krb5/krb/ChangeLog @@ -1,3 +1,8 @@ +2004-09-21 Tom Yu <tlyu@mit.edu> + + * rd_cred.c (decrypt_credencdata): Clear and free ppart to avoid + leak, reported by Derrick Schommer. + 2004-08-31 Tom Yu <tlyu@mit.edu> * rd_rep.c: diff --git a/src/lib/krb5/krb/rd_cred.c b/src/lib/krb5/krb/rd_cred.c index 11be47f05..a29eb0522 100644 --- a/src/lib/krb5/krb/rd_cred.c +++ b/src/lib/krb5/krb/rd_cred.c @@ -14,7 +14,7 @@ static krb5_error_code decrypt_credencdata(krb5_context context, krb5_cred *pcred, krb5_keyblock *pkeyblock, krb5_cred_enc_part *pcredenc) { - krb5_cred_enc_part * ppart; + krb5_cred_enc_part * ppart = NULL; krb5_error_code retval; krb5_data scratch; @@ -39,6 +39,10 @@ decrypt_credencdata(krb5_context context, krb5_cred *pcred, krb5_keyblock *pkeyb retval = 0; cleanup: + if (ppart != NULL) { + memset(ppart, 0, sizeof(*ppart)); + krb5_xfree(ppart); + } memset(scratch.data, 0, scratch.length); krb5_xfree(scratch.data); |