From 4466bd867f9114d6c2c8bf7c7debf5fb4c5ff736 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Love=20H=C3=B6rnquist=20=C3=85strand?= <lha@kth.se>
Date: Fri, 7 Apr 2006 22:23:20 +0000
Subject: [PATCH] (krb5_ret_principal): fix memory leak Coverity, NetBSD
 CID#1695

git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@17018 ec53bebd-3082-4978-b11e-865c3cabbd6b
---
 lib/krb5/store.c | 21 +++++++++++++++++----
 1 file changed, 17 insertions(+), 4 deletions(-)

diff --git a/lib/krb5/store.c b/lib/krb5/store.c
index 8238f39de..44c5b11df 100644
--- a/lib/krb5/store.c
+++ b/lib/krb5/store.c
@@ -420,7 +420,7 @@ krb5_ret_principal(krb5_storage *sp,
 
     if(krb5_storage_is_flags(sp, KRB5_STORAGE_PRINCIPAL_NO_NAME_TYPE))
 	type = KRB5_NT_UNKNOWN;
-    else 	if((ret = krb5_ret_int32(sp, &type))){
+    else if((ret = krb5_ret_int32(sp, &type))){
 	free(p);
 	return ret;
     }
@@ -430,18 +430,31 @@ krb5_ret_principal(krb5_storage *sp,
     }
     if(krb5_storage_is_flags(sp, KRB5_STORAGE_PRINCIPAL_WRONG_NUM_COMPONENTS))
 	ncomp--;
+    if (ncomp < 0) {
+	free(p);
+	return EINVAL;
+    }
     p->name.name_type = type;
     p->name.name_string.len = ncomp;
     ret = krb5_ret_string(sp, &p->realm);
-    if(ret) return ret;
+    if(ret) {
+	free(p);
+	return ret;
+    }
     p->name.name_string.val = calloc(ncomp, sizeof(*p->name.name_string.val));
-    if(p->name.name_string.val == NULL){
+    if(p->name.name_string.val == NULL && ncomp != 0){
 	free(p->realm);
 	return ENOMEM;
     }
     for(i = 0; i < ncomp; i++){
 	ret = krb5_ret_string(sp, &p->name.name_string.val[i]);
-	if(ret) return ret; /* XXX */
+	if(ret) {
+	    while (i >= 0)
+		free(p->name.name_string.val[i--]);
+	    free(p->realm);
+	    free(p);
+	    return ret;
+	}
     }
     *princ = p;
     return 0;