[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: krb5 mechanism OID; Was: Re: FW: memory leak in some KerberosAPIs?



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


Buck Huppmann <buckh@pobox.com> writes:

>> For the first problem, can you try this ?
>
> don't you also need one here?

Yes, you are right. I've just test compiled this. I'm traving so I'll test
and commit this later.

Love

Index: init_sec_context.c
===================================================================
RCS file: /afs/pdc.kth.se/src/packages/kth-krb/SourceRepository/heimdal/lib/gssapi/init_sec_context.c,v
retrieving revision 1.38
diff -u -u -w -r1.38 init_sec_context.c
- --- init_sec_context.c	3 Jun 2003 15:22:58 -0000	1.38
+++ init_sec_context.c	13 Jun 2003 17:36:21 -0000
@@ -184,11 +184,10 @@
     OM_uint32 ret = GSS_S_FAILURE;
     krb5_error_code kret;
     krb5_flags ap_options;
- -    krb5_creds this_cred, *cred;
+    krb5_creds this_cred, *cred = NULL;
     krb5_data outbuf;
- -    krb5_ccache ccache;
+    krb5_ccache ccache = NULL;
     u_int32_t flags;
- -    Authenticator *auth;
     krb5_data authenticator;
     Checksum cksum;
     krb5_enctype enctype;
@@ -197,6 +196,8 @@
 
     krb5_data_zero(&outbuf);
     krb5_data_zero(&fwd_data);
+    krb5_data_zero(&authenticator);
+    memset(&cksum, 0, sizeof(cksum));
 
     *minor_status = 0;
 
@@ -392,7 +393,7 @@
 				     enctype,
 				     cred,
 				     &cksum,
- -				     &auth,
+				     NULL,
 				     &authenticator,
 				     KRB5_KU_AP_REQ_AUTH);
 
@@ -423,6 +424,10 @@
 	goto failure;
 
     krb5_data_free (&outbuf);
+    krb5_free_creds(gssapi_krb5_context, cred);
+    free_Checksum(&cksum);
+    if (initiator_cred_handle == GSS_C_NO_CREDENTIAL)
+	krb5_cc_close(gssapi_krb5_context, ccache);
 
     if (flags & GSS_C_MUTUAL_FLAG) {
 	return GSS_S_CONTINUE_NEEDED;
@@ -437,6 +442,14 @@
  failure:
     krb5_auth_con_free (gssapi_krb5_context,
 			(*context_handle)->auth_context);
+    krb5_data_free (&outbuf);
+    if(cred)
+	krb5_free_creds(gssapi_krb5_context, cred);
+    if (initiator_cred_handle == GSS_C_NO_CREDENTIAL)
+	krb5_cc_close(gssapi_krb5_context, ccache);
+    free_Checksum(&cksum);
+    if (authenticator.data)
+	krb5_data_free(&authenticator);
     if((*context_handle)->source)
 	krb5_free_principal (gssapi_krb5_context,
 			     (*context_handle)->source);
@@ -445,7 +458,6 @@
 			     (*context_handle)->target);
     HEIMDAL_MUTEX_destroy(&(*context_handle)->ctx_id_mutex);
     free (*context_handle);
- -    krb5_data_free (&outbuf);
     *context_handle = GSS_C_NO_CONTEXT;
     return ret;
 }
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (NetBSD)

iQIVAwUBPuoLqBZyDLTSep3UAQLE7A/7BUhfrtZgypdx4hA8xViLC+Emt4AmpBk7
ul0bV6zWSFjxhguEJathyxEYViL5FEId271WIVX3h/PyQX6tR2YO+TrK4SFs8u26
j4waIIYO+T/XW7A2er9AcdHDs1k9hkUn++V1N4Ve8SvUJTnaBi6Upi7Tn5LT02ti
ov8PvaqrfpAF5CfBCZ5swVBOZDQr8nklZaZUB5GnYGZyy3hVCll5AT0BbX717bJM
qVZXlZ2b8HvJcQzvVwJuz1xO9sB0L8N9BCtucgNdeYhrsR3PBQrSqsckYNbkiW8v
2Qmhse8tyZCHMfPgrx/UOm73QSj65DxuxPXkhYpOMc6rPts9v4TH0e+2LFvNX6SJ
Hp0M/Dx51erAU/a5LnZJ22cZWJb7NYR7aIV50TgdUeb+yzcNFAKItJwtYGEKqY3u
zcca4VAMzd3h9FS2rfBWDzo8rgPutWcve8wm7g5Abr/hhG+p/KLuevNgfdTuNprQ
hmfJIc/TCAyeqTybe9zgTjQO/LiAQYgDVn5S/ar43VotNL5Sm4NhrgzB9GH4dj+1
xG0NsDVr9hwRHTvK6EVgdzY4YiAioirwJUf9m4DwE9J73+QBh+Z7lkCZZFupegMU
YZSXbZqpU2FRSklQLupwkvJ6ayN1h0FPuPDXaXHkXhJZUHt2yNGGF7Be2FA5RH1+
ejzbUas7cTM=
=qgVC
-----END PGP SIGNATURE-----