[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Invalid free() in gssapi_krb5_set_error_string?

I've been delving all over the Heimdal source, I and think this function
can perform an invalid free() if the calling application has not cleared
out the error buffer (by calling gss_display_status() and therefore
gssapi_krb5_get_error_string()) before the next error is recorded.

There seems to be some general confusion in the libs as to if this
string should be allocated, or if it is static storage on a context
somewhere.  Note that gssapi_krb5_get_error_string() does not free() the
string before assigning the pointer to NULL, and neither does

Is there a document in which the correct semantics for the error string
handling is recorded, at least so I can figure out what the correct fix
should be?

Andrew Bartlett
Andrew Bartlett                                http://samba.org/~abartlet/
Authentication Developer, Samba Team           http://samba.org
Student Network Administrator, Hawker College  http://hawkerc.net

This is a digitally signed message part