diff options
author | Tom Yu <tlyu@mit.edu> | 2000-02-15 05:12:30 +0000 |
---|---|---|
committer | Tom Yu <tlyu@mit.edu> | 2000-02-15 05:12:30 +0000 |
commit | 9d0c85dfe2d5fbe2449f67014217f8c3e05c865f (patch) | |
tree | 05ab54b8f2d1e9f43a1fbaa360719d5aed6ad9e7 /src/lib | |
parent | 69357b54afbe8232ad849da28f13f2b6190f91d9 (diff) | |
download | krb5-9d0c85dfe2d5fbe2449f67014217f8c3e05c865f.tar.gz krb5-9d0c85dfe2d5fbe2449f67014217f8c3e05c865f.tar.xz krb5-9d0c85dfe2d5fbe2449f67014217f8c3e05c865f.zip |
* svc.c (xprt_register): Zero out xports after allocating
* auth_gssapi_misc.c (xdr_authgssapi_creds):
(xdr_authgssapi_init_arg):
(xdr_authgssapi_init_res):
(auth_gssapi_unwrap_data): If xdr_gss_buf or xdr_bytes fails, call
again with XDR_FREE set so that allocated memory doesn't leak.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@12041 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src/lib')
-rw-r--r-- | src/lib/rpc/ChangeLog | 10 | ||||
-rw-r--r-- | src/lib/rpc/auth_gssapi_misc.c | 56 | ||||
-rw-r--r-- | src/lib/rpc/svc.c | 1 |
3 files changed, 51 insertions, 16 deletions
diff --git a/src/lib/rpc/ChangeLog b/src/lib/rpc/ChangeLog index 77b0f06a0..9dca9664f 100644 --- a/src/lib/rpc/ChangeLog +++ b/src/lib/rpc/ChangeLog @@ -1,3 +1,13 @@ +2000-02-14 Tom Yu <tlyu@mit.edu> + + * svc.c (xprt_register): Zero out xports after allocating. + + * auth_gssapi_misc.c (xdr_authgssapi_creds): + (xdr_authgssapi_init_arg): + (xdr_authgssapi_init_res): + (auth_gssapi_unwrap_data): If xdr_gss_buf or xdr_bytes fails, call + again with XDR_FREE set so that allocated memory doesn't leak. + 2000-01-24 Tom Yu <tlyu@mit.edu> * get_myaddress.c (gssrpc_get_myaddress): Copy in from NetBSD; diff --git a/src/lib/rpc/auth_gssapi_misc.c b/src/lib/rpc/auth_gssapi_misc.c index 818aaeb46..4bc691178 100644 --- a/src/lib/rpc/auth_gssapi_misc.c +++ b/src/lib/rpc/auth_gssapi_misc.c @@ -49,9 +49,13 @@ bool_t xdr_authgssapi_creds(xdrs, creds) auth_gssapi_creds *creds; { if (! xdr_u_int32(xdrs, &creds->version) || - ! xdr_bool(xdrs, &creds->auth_msg) || - ! xdr_gss_buf(xdrs, &creds->client_handle)) - return FALSE; + ! xdr_bool(xdrs, &creds->auth_msg)) + return FALSE; + if (! xdr_gss_buf(xdrs, &creds->client_handle)) { + xdrs->x_op = XDR_FREE; + (void)xdr_gss_buf(xdrs, &creds->client_handle); + return FALSE; + } return TRUE; } @@ -59,9 +63,13 @@ bool_t xdr_authgssapi_init_arg(xdrs, init_arg) XDR *xdrs; auth_gssapi_init_arg *init_arg; { - if (! xdr_u_int32(xdrs, &init_arg->version) || - ! xdr_gss_buf(xdrs, &init_arg->token)) - return FALSE; + if (! xdr_u_int32(xdrs, &init_arg->version)) + return FALSE; + if (! xdr_gss_buf(xdrs, &init_arg->token)) { + xdrs->x_op = XDR_FREE; + (void)xdr_gss_buf(xdrs, &init_arg->token); + return FALSE; + } return TRUE; } @@ -69,13 +77,26 @@ bool_t xdr_authgssapi_init_res(xdrs, init_res) XDR *xdrs; auth_gssapi_init_res *init_res; { - if (! xdr_u_int32(xdrs, &init_res->version) || - ! xdr_gss_buf(xdrs, &init_res->client_handle) || - ! xdr_u_int32(xdrs, &init_res->gss_major) || - ! xdr_u_int32(xdrs, &init_res->gss_minor) || - ! xdr_gss_buf(xdrs, &init_res->token) || - ! xdr_gss_buf(xdrs, &init_res->signed_isn)) - return FALSE; + if (! xdr_u_int32(xdrs, &init_res->version)) + return FALSE; + if (! xdr_gss_buf(xdrs, &init_res->client_handle)) { + xdrs->x_op = XDR_FREE; + (void)xdr_gss_buf(xdrs, &init_res->client_handle); + return FALSE; + } + if (! xdr_u_int32(xdrs, &init_res->gss_major) || + ! xdr_u_int32(xdrs, &init_res->gss_minor)) + return FALSE; + if (! xdr_gss_buf(xdrs, &init_res->token)) { + xdrs->x_op = XDR_FREE; + (void)xdr_gss_buf(xdrs, &init_res->token); + return FALSE; + } + if (! xdr_gss_buf(xdrs, &init_res->signed_isn)) { + xdrs->x_op = XDR_FREE; + (void)xdr_gss_buf(xdrs, &init_res->signed_isn); + return FALSE; + } return TRUE; } @@ -264,11 +285,14 @@ bool_t auth_gssapi_unwrap_data(major, minor, context, seq_num, in_buf.value = NULL; out_buf.value = NULL; - if (! xdr_bytes(in_xdrs, (char **) &in_buf.value, (unsigned int *) &in_buf.length, (unsigned int) -1)) { - PRINTF(("gssapi_unwrap_data: deserializing encrypted data failed\n")); - return FALSE; + PRINTF(("gssapi_unwrap_data: deserializing encrypted data failed\n")); + in_xdrs->x_op = XDR_FREE; + (void)xdr_bytes(in_xdrs, (char **) &in_buf.value, + (unsigned int *) &in_buf.length, + (unsigned int) -1); + return FALSE; } *major = gss_unseal(minor, context, &in_buf, &out_buf, &conf, diff --git a/src/lib/rpc/svc.c b/src/lib/rpc/svc.c index f38b0debc..3118df241 100644 --- a/src/lib/rpc/svc.c +++ b/src/lib/rpc/svc.c @@ -90,6 +90,7 @@ xprt_register(xprt) if (xports == NULL) { xports = (SVCXPRT **) mem_alloc(FD_SETSIZE * sizeof(SVCXPRT *)); + memset(xports, 0, FD_SETSIZE * sizeof(SVCXPRT *)); } if (sock < _gssrpc_rpc_dtablesize()) { xports[sock] = xprt; |