oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

(krb5_decrypt_ticket): plug some memory leak

Browse Source 
(krb5_rd_req): try not to return an allocated auth_context on error


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@9058 ec53bebd-3082-4978-b11e-865c3cabbd6b
This commit is contained in:
Assar Westerlund
2000-09-17 21:47:37 +00:00
parent b1c3af9c5c
commit 20173f77c5
1 changed files with 36 additions and 20 deletions
Download Patch File Download Diff File Expand all files Collapse all files

54
lib/krb5/rd_req.c
View File

@@ -140,10 +140,14 @@ krb5_decrypt_ticket(krb5_context context,
start = *t.starttime; start = *t.starttime;
if(start - now > context->max_skew if(start - now > context->max_skew
|| (t.flags.invalid || (t.flags.invalid
&& !(flags & KRB5_VERIFY_AP_REQ_IGNORE_INVALID))) && !(flags & KRB5_VERIFY_AP_REQ_IGNORE_INVALID))) {
free_EncTicketPart(&t);
return KRB5KRB_AP_ERR_TKT_NYV; return KRB5KRB_AP_ERR_TKT_NYV;
if(now - t.endtime > context->max_skew) }
if(now - t.endtime > context->max_skew) {
free_EncTicketPart(&t);
return KRB5KRB_AP_ERR_TKT_EXPIRED; return KRB5KRB_AP_ERR_TKT_EXPIRED;
}
} }
if(out) if(out)
@@ -230,14 +234,13 @@ krb5_verify_ap_req(krb5_context context,
krb5_auth_context ac; krb5_auth_context ac;
krb5_error_code ret; krb5_error_code ret;
if(auth_context) { if (auth_context && *auth_context) {
if(*auth_context == NULL){ ac = *auth_context;
krb5_auth_con_init(context, &ac); } else {
*auth_context = ac; ret = krb5_auth_con_init (context, &ac);
}else if (ret)
ac = *auth_context; return ret;
} else }
krb5_auth_con_init(context, &ac);
if (ap_req->ap_options.use_session_key && ac->keyblock){ if (ap_req->ap_options.use_session_key && ac->keyblock){
ret = krb5_decrypt_ticket(context, &ap_req->ticket, ret = krb5_decrypt_ticket(context, &ap_req->ticket,
@@ -253,7 +256,7 @@ krb5_verify_ap_req(krb5_context context,
flags); flags);
if(ret) if(ret)
return ret; goto out;
principalname2krb5_principal(&t.server, ap_req->ticket.sname, principalname2krb5_principal(&t.server, ap_req->ticket.sname,
ap_req->ticket.realm); ap_req->ticket.realm);
@@ -268,10 +271,8 @@ krb5_verify_ap_req(krb5_context context,
&t.ticket.key, &t.ticket.key,
&ap_req->authenticator, &ap_req->authenticator,
ac->authenticator); ac->authenticator);
if (ret){ if (ret)
/* XXX free data */ goto out2;
return ret;
}
{ {
krb5_principal p1, p2; krb5_principal p1, p2;
@@ -286,8 +287,10 @@ krb5_verify_ap_req(krb5_context context,
res = krb5_principal_compare (context, p1, p2); res = krb5_principal_compare (context, p1, p2);
krb5_free_principal (context, p1); krb5_free_principal (context, p1);
krb5_free_principal (context, p2); krb5_free_principal (context, p2);
if (!res) if (!res) {
return KRB5KRB_AP_ERR_BADMATCH; ret = KRB5KRB_AP_ERR_BADMATCH;
goto out2;
}
} }
/* check addresses */ /* check addresses */
@@ -296,8 +299,10 @@ krb5_verify_ap_req(krb5_context context,
&& ac->remote_address && ac->remote_address
&& !krb5_address_search (context, && !krb5_address_search (context,
ac->remote_address, ac->remote_address,
t.ticket.caddr)) t.ticket.caddr)) {
return KRB5KRB_AP_ERR_BADADDR; ret = KRB5KRB_AP_ERR_BADADDR;
goto out2;
}
if (ac->authenticator->seq_number) if (ac->authenticator->seq_number)
ac->remote_seqnumber = *ac->authenticator->seq_number; ac->remote_seqnumber = *ac->authenticator->seq_number;
@@ -326,7 +331,18 @@ krb5_verify_ap_req(krb5_context context,
**ticket = t; **ticket = t;
} else } else
krb5_free_ticket (context, &t); krb5_free_ticket (context, &t);
if (auth_context) {
if (*auth_context == NULL)
*auth_context = ac;
} else
krb5_auth_con_free (context, ac);
return 0; return 0;
out2:
krb5_free_ticket (context, &t);
out:
if (auth_context == NULL || *auth_context == NULL)
krb5_auth_con_free (context, ac);
return ret;
} }