[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Invalid free() in gssapi_krb5_set_error_string?

>So gssapi_krb5_set_error_string() should always call strdup(), to ensure
>that when gssapi_krb5_get_error_string() is called, the caller can own
>the string, right?
>Or is the assumption that the kerberos layer has made a similar promise,
>and the kerberos error routines should call strdup()?

See krb5_vset_error_string() in lib/krb5/error_string.c. It uses

Interestingly if vasprintf() it fails then it falls back to using a
static buffer inside the krb5_context. Perhaps this is the cause of
the prolbem you are seeing.

-- Luke