diff options
author | Nalin Dahyabhai <nalin@redhat.com> | 2013-02-28 15:57:44 -0500 |
---|---|---|
committer | Nalin Dahyabhai <nalin@redhat.com> | 2013-02-28 16:37:33 -0500 |
commit | 6fdbb463fca04e2299ac716b0520b483016634a4 (patch) | |
tree | fdd526003345f33d03f6ddcecf8ff81296cd5ec5 | |
parent | abff2e511790f9cb11e99688b40457a7dc680c84 (diff) | |
download | krb5-6fdbb463fca04e2299ac716b0520b483016634a4.tar.gz krb5-6fdbb463fca04e2299ac716b0520b483016634a4.tar.xz krb5-6fdbb463fca04e2299ac716b0520b483016634a4.zip |
fix a memory leak when obtaining creds via keytabskrb5-1.11.1-3.fc19
- fix a memory leak when acquiring credentials using a keytab (RT#7586, #911110)
-rw-r--r-- | krb5-lookup_etypes-leak.patch | 42 | ||||
-rw-r--r-- | krb5.spec | 7 |
2 files changed, 48 insertions, 1 deletions
diff --git a/krb5-lookup_etypes-leak.patch b/krb5-lookup_etypes-leak.patch new file mode 100644 index 0000000..9c7e082 --- /dev/null +++ b/krb5-lookup_etypes-leak.patch @@ -0,0 +1,42 @@ +Petr Spacek notes that when we walk the keytab in lookup_etypes_for_keytab(), +we don't free entries when we're finished examining them. Ensure that when +krb5_kt_next_entry() succeeds, we make sure to free the entry storage before we +exit the current loop iteration. (RT#7586) + +--- a/src/lib/krb5/krb/gic_keytab.c ++++ b/src/lib/krb5/krb/gic_keytab.c +@@ -110,9 +110,9 @@ lookup_etypes_for_keytab(krb5_context context, krb5_keytab keytab, + goto cleanup; + + if (!krb5_c_valid_enctype(entry.key.enctype)) +- continue; ++ goto next_entry; + if (!krb5_principal_compare(context, entry.principal, client)) +- continue; ++ goto next_entry; + /* Make sure our list is for the highest kvno found for client. */ + if (entry.vno > max_kvno) { + free(etypes); +@@ -120,11 +120,12 @@ lookup_etypes_for_keytab(krb5_context context, krb5_keytab keytab, + count = 0; + max_kvno = entry.vno; + } else if (entry.vno != max_kvno) +- continue; ++ goto next_entry; + + /* Leave room for the terminator and possibly a second entry. */ + p = realloc(etypes, (count + 3) * sizeof(*etypes)); + if (p == NULL) { ++ krb5_free_keytab_entry_contents(context, &entry); + ret = ENOMEM; + goto cleanup; + } +@@ -136,6 +137,8 @@ lookup_etypes_for_keytab(krb5_context context, krb5_keytab keytab, + entry.key.enctype == ENCTYPE_DES_CBC_MD4) + etypes[count++] = ENCTYPE_DES_CBC_CRC; + etypes[count] = 0; ++next_entry: ++ krb5_free_keytab_entry_contents(context, &entry); + } + + ret = 0; @@ -30,7 +30,7 @@ Summary: The Kerberos network authentication system Name: krb5 Version: 1.11.1 -Release: 2%{?dist} +Release: 3%{?dist} # Maybe we should explode from the now-available-to-everybody tarball instead? # http://web.mit.edu/kerberos/dist/krb5/1.11/krb5-1.11.1-signed.tar Source0: krb5-%{version}.tar.gz @@ -73,6 +73,7 @@ Patch75: krb5-pkinit-debug.patch Patch86: krb5-1.9-debuginfo.patch Patch105: krb5-kvno-230379.patch Patch113: krb5-1.11-alpha1-init.patch +Patch114: krb5-lookup_etypes-leak.patch License: MIT URL: http://web.mit.edu/kerberos/www/ @@ -282,6 +283,7 @@ ln -s NOTICE LICENSE %patch86 -p0 -b .debuginfo %patch105 -p1 -b .kvno %patch113 -p1 -b .init +%patch114 -p1 -b .lookup_etypes-leak # Take the execute bit off of documentation. chmod -x doc/krb5-protocol/*.txt @@ -793,6 +795,9 @@ exit 0 %{_sbindir}/uuserver %changelog +* Thu Feb 28 2013 Nalin Dahyabhai <nalin@redhat.com> 1.11.1-3 +- fix a memory leak when acquiring credentials using a keytab (RT#7586, #911110) + * Wed Feb 27 2013 Nalin Dahyabhai <nalin@redhat.com> 1.11.1-2 - prebuild PDF docs to reduce multilib differences (internal tooling, #884065) - drop the kerberos-iv portreserve file, and drop the rest on systemd systems |