diff options
author | Greg Hudson <ghudson@mit.edu> | 2010-04-21 23:20:29 +0000 |
---|---|---|
committer | Greg Hudson <ghudson@mit.edu> | 2010-04-21 23:20:29 +0000 |
commit | 736c9f81b080c02c657bc9ca5e63c37d96d4b9bb (patch) | |
tree | 886b0fd63e1d89be028462ee088b6a416e0eb531 /src | |
parent | 3376608c3df0c522c2b928c72f7e89cee7c9e949 (diff) | |
download | krb5-736c9f81b080c02c657bc9ca5e63c37d96d4b9bb.tar.gz krb5-736c9f81b080c02c657bc9ca5e63c37d96d4b9bb.tar.xz krb5-736c9f81b080c02c657bc9ca5e63c37d96d4b9bb.zip |
In the get_credentials() helper of the gss-krb5 init_sec_context code,
ensure that *out_creds is only filled in on successful return.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23917 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src')
-rw-r--r-- | src/lib/gssapi/krb5/init_sec_context.c | 10 |
1 files changed, 8 insertions, 2 deletions
diff --git a/src/lib/gssapi/krb5/init_sec_context.c b/src/lib/gssapi/krb5/init_sec_context.c index cbc9ed936..fd29c4571 100644 --- a/src/lib/gssapi/krb5/init_sec_context.c +++ b/src/lib/gssapi/krb5/init_sec_context.c @@ -128,10 +128,12 @@ static krb5_error_code get_credentials(context, cred, server, now, krb5_creds **out_creds; { krb5_error_code code; - krb5_creds in_creds, evidence_creds; + krb5_creds in_creds, evidence_creds, *result_creds = NULL; krb5_flags flags = 0; krb5_principal cc_princ = NULL; + *out_creds = NULL; + k5_mutex_assert_locked(&cred->lock); memset(&in_creds, 0, sizeof(krb5_creds)); memset(&evidence_creds, 0, sizeof(krb5_creds)); @@ -196,7 +198,7 @@ static krb5_error_code get_credentials(context, cred, server, now, } code = krb5_get_credentials(context, flags, cred->ccache, - &in_creds, out_creds); + &in_creds, &result_creds); if (code) goto cleanup; @@ -220,10 +222,14 @@ static krb5_error_code get_credentials(context, cred, server, now, goto cleanup; } + *out_creds = result_creds; + result_creds = NULL; + cleanup: krb5_free_authdata(context, in_creds.authdata); krb5_free_principal(context, cc_princ); krb5_free_cred_contents(context, &evidence_creds); + krb5_free_creds(context, result_creds); return code; } |