diff options
| author | Ken Raeburn <raeburn@mit.edu> | 2008-11-24 19:19:14 +0000 |
|---|---|---|
| committer | Ken Raeburn <raeburn@mit.edu> | 2008-11-24 19:19:14 +0000 |
| commit | f925d4ab3b8d70e20541b403ac0e69a5d8cb18cb (patch) | |
| tree | 11fd0d8f181fd98cbfe6884a351d0673da670013 /src | |
| parent | fbe746095af4227a2102d5989debb304410fb576 (diff) | |
| download | krb5-f925d4ab3b8d70e20541b403ac0e69a5d8cb18cb.tar.gz krb5-f925d4ab3b8d70e20541b403ac0e69a5d8cb18cb.tar.xz krb5-f925d4ab3b8d70e20541b403ac0e69a5d8cb18cb.zip | |
Fix memory leak caught by valgrind
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21179 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src')
| -rw-r--r-- | src/lib/krb5/krb/rd_req_dec.c | 52 |
1 files changed, 29 insertions, 23 deletions
diff --git a/src/lib/krb5/krb/rd_req_dec.c b/src/lib/krb5/krb/rd_req_dec.c index 653afa0db..b81266d26 100644 --- a/src/lib/krb5/krb/rd_req_dec.c +++ b/src/lib/krb5/krb/rd_req_dec.c @@ -2,7 +2,7 @@ * lib/krb5/krb/rd_req_dec.c * * Copyright (c) 1994 CyberSAFE Corporation. - * Copyright 1990,1991,2007 by the Massachusetts Institute of Technology. + * Copyright 1990,1991,2007,2008 by the Massachusetts Institute of Technology. * All Rights Reserved. * * Export of this software from the United States of America may @@ -302,25 +302,33 @@ krb5_rd_req_decoded_opt(krb5_context context, krb5_auth_context *auth_context, /* no etype check needed */; } else if ((*auth_context)->permitted_etypes == NULL) { int etype; - size_t size_etype_enc = 3 * sizeof(krb5_enctype); /* upto three types */ + size_t size_etype_enc = 3 * sizeof(krb5_enctype); /* upto three types */ size_t size_etype_bool = 3 * sizeof(krb5_boolean); krb5_etypes_permitted etypes; memset(&etypes, 0, sizeof etypes); - etypes.etype = (krb5_enctype*) malloc( size_etype_enc ); - etypes.etype_ok = (krb5_boolean*) malloc( size_etype_bool ); - memset(etypes.etype, 0, size_etype_enc ); - memset(etypes.etype_ok, 0, size_etype_bool ); + etypes.etype = (krb5_enctype*) malloc(size_etype_enc); + if (etypes.etype == NULL) { + retval = ENOMEM; + goto cleanup; + } + etypes.etype_ok = (krb5_boolean*) malloc(size_etype_bool); + if (etypes.etype_ok == NULL) { + retval = ENOMEM; + free(etypes.etype); + goto cleanup; + } + memset(etypes.etype, 0, size_etype_enc); + memset(etypes.etype_ok, 0, size_etype_bool); etypes.etype[etypes.etype_count++] = req->ticket->enc_part.enctype; etypes.etype[etypes.etype_count++] = req->ticket->enc_part2->session->enctype; - if ( (*auth_context)->authentp->subkey) { + if ((*auth_context)->authentp->subkey) { etypes.etype[etypes.etype_count++] = (*auth_context)->authentp->subkey->enctype; } retval = krb5_is_permitted_enctype_ext(context, &etypes); - #if 0 /* check against the default set */ if ((!krb5_is_permitted_enctype(context, @@ -331,25 +339,21 @@ krb5_rd_req_decoded_opt(krb5_context context, krb5_auth_context *auth_context, !krb5_is_permitted_enctype(context, etype = (*auth_context)->authentp->subkey->enctype))) { #endif - if ( retval == 0 /* all etypes are not permitted */ || - ( !etypes.etype_ok[0] || !etypes.etype_ok[1] || - (((*auth_context)->authentp->subkey) && !etypes.etype_ok[etypes.etype_count-1]))) - { + if (retval == 0 /* all etypes are not permitted */ || + (!etypes.etype_ok[0] || !etypes.etype_ok[1] || + (((*auth_context)->authentp->subkey) && !etypes.etype_ok[etypes.etype_count-1]))) { char enctype_name[30]; retval = KRB5_NOPERM_ETYPE; - if ( !etypes.etype_ok[0] ) - { - etype = etypes.etype[1]; - } - else if ( !etypes.etype_ok[1] ) - { - etype = etypes.etype[1]; - } - else - { - etype = etypes.etype[2]; + if (!etypes.etype_ok[0]) { + etype = etypes.etype[1]; + } else if (!etypes.etype_ok[1]) { + etype = etypes.etype[1]; + } else { + etype = etypes.etype[2]; } + free(etypes.etype); + free(etypes.etype_ok); if (krb5_enctype_to_string(etype, enctype_name, sizeof(enctype_name)) == 0) krb5_set_error_message(context, retval, @@ -357,6 +361,8 @@ krb5_rd_req_decoded_opt(krb5_context context, krb5_auth_context *auth_context, enctype_name); goto cleanup; } + free(etypes.etype); + free(etypes.etype_ok); } else { /* check against the set in the auth_context */ int i; |