From 4847270ab29510f13574ca0152d16d8b155ff83e Mon Sep 17 00:00:00 2001
From: Assar Westerlund <assar@sics.se>
Date: Tue, 8 Jul 1997 23:41:51 +0000
Subject: [PATCH] try to free memory

git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@2065 ec53bebd-3082-4978-b11e-865c3cabbd6b
---
 lib/krb5/rd_priv.c | 39 +++++++++++++++++++++++----------
 lib/krb5/rd_safe.c | 54 ++++++++++++++++++++++++++++++----------------
 2 files changed, 63 insertions(+), 30 deletions(-)

diff --git a/lib/krb5/rd_priv.c b/lib/krb5/rd_priv.c
index 08e70453e..2165864e8 100644
--- a/lib/krb5/rd_priv.c
+++ b/lib/krb5/rd_priv.c
@@ -17,11 +17,15 @@ krb5_rd_priv(krb5_context context,
 
   r = decode_KRB_PRIV (inbuf->data, inbuf->length, &priv, &len);
   if (r) 
-      return r;
-  if (priv.pvno != 5)
-      return KRB5KRB_AP_ERR_BADVERSION;
-  if (priv.msg_type != krb_safe)
-      return KRB5KRB_AP_ERR_MSG_TYPE;
+      goto failure;
+  if (priv.pvno != 5) {
+      r = KRB5KRB_AP_ERR_BADVERSION;
+      goto failure;
+  }
+  if (priv.msg_type != krb_safe) {
+      r = KRB5KRB_AP_ERR_MSG_TYPE;
+      goto failure;
+  }
 
   r = krb5_decrypt (context,
 		    priv.enc_part.cipher.data,
@@ -30,7 +34,7 @@ krb5_rd_priv(krb5_context context,
 		    &auth_context->key,
 		    &plain);
   if (r) 
-      return r;
+      goto failure;
 
   r = decode_EncKrbPrivPart (plain.data, plain.length, &part, &len);
   if (r) 
@@ -43,8 +47,10 @@ krb5_rd_priv(krb5_context context,
     gettimeofday (&tv, NULL);
     if (part.timestamp == NULL ||
 	part.usec      == NULL ||
-	*part.timestamp - tv.tv_sec > 600)
-      return KRB5KRB_AP_ERR_SKEW;
+	*part.timestamp - tv.tv_sec > 600) {
+	r = KRB5KRB_AP_ERR_SKEW;
+	goto failure_priv;
+    }
   }
 
   /* XXX - check replay cache */
@@ -52,13 +58,24 @@ krb5_rd_priv(krb5_context context,
   /* check sequence number */
   if (auth_context->flags & KRB5_AUTH_CONTEXT_DO_SEQUENCE) {
     if (part.seq_number == NULL ||
-	*part.seq_number != ++auth_context->remote_seqnumber)
-      return KRB5KRB_AP_ERR_BADORDER;
+	*part.seq_number != ++auth_context->remote_seqnumber) {
+      r = KRB5KRB_AP_ERR_BADORDER;
+      goto failure_priv;
+    }
   }
 
   r = krb5_data_copy (outbuf, part.user_data.data, part.user_data.length);
   if (r)
-    return r;
+      goto failure_priv;
 
+  free_EncKrbPrivPart (&part);
+  free_KRB_PRIV (&priv);
   return 0;
+
+failure_priv:
+  free_EncKrbPrivPart (&part);
+
+failure:
+  free_KRB_PRIV (&priv);
+  return r;
 }
diff --git a/lib/krb5/rd_safe.c b/lib/krb5/rd_safe.c
index aea3b9d62..86da94bec 100644
--- a/lib/krb5/rd_safe.c
+++ b/lib/krb5/rd_safe.c
@@ -15,30 +15,40 @@ krb5_rd_safe(krb5_context context,
 
   r = decode_KRB_SAFE (inbuf->data, inbuf->length, &safe, &len);
   if (r) 
-      return r;
-  if (safe.pvno != 5)
-    return KRB5KRB_AP_ERR_BADVERSION;
-  if (safe.msg_type != krb_safe)
-    return KRB5KRB_AP_ERR_MSG_TYPE;
-  if (safe.cksum.cksumtype != CKSUMTYPE_RSA_MD4)
-    return KRB5KRB_AP_ERR_INAPP_CKSUM;
+      goto failure;
+  if (safe.pvno != 5) {
+      r = KRB5KRB_AP_ERR_BADVERSION;
+      goto failure;
+  }
+  if (safe.msg_type != krb_safe) {
+      r = KRB5KRB_AP_ERR_MSG_TYPE;
+      goto failure;
+  }
+  if (safe.cksum.cksumtype != CKSUMTYPE_RSA_MD4) {
+      r = KRB5KRB_AP_ERR_INAPP_CKSUM;
+      goto failure;
+  }
   /* check timestamp */
   if (auth_context->flags & KRB5_AUTH_CONTEXT_DO_TIME) {
-    struct timeval tv;
+      struct timeval tv;
 
-    gettimeofday (&tv, NULL);
-    if (safe.safe_body.timestamp == NULL ||
-	safe.safe_body.usec      == NULL ||
-	*(safe.safe_body.timestamp) - tv.tv_sec > 600)
-      return KRB5KRB_AP_ERR_SKEW;
+      gettimeofday (&tv, NULL);
+      if (safe.safe_body.timestamp == NULL ||
+	  safe.safe_body.usec      == NULL ||
+	  *(safe.safe_body.timestamp) - tv.tv_sec > 600) {
+	  r = KRB5KRB_AP_ERR_SKEW;
+	  goto failure;
+      }
   }
   /* XXX - check replay cache */
 
   /* check sequence number */
   if (auth_context->flags & KRB5_AUTH_CONTEXT_DO_SEQUENCE) {
-    if (safe.safe_body.seq_number == NULL ||
-	*safe.safe_body.seq_number != ++auth_context->remote_seqnumber)
-      return KRB5KRB_AP_ERR_BADORDER;
+      if (safe.safe_body.seq_number == NULL ||
+	  *safe.safe_body.seq_number != ++auth_context->remote_seqnumber) {
+	  r = KRB5KRB_AP_ERR_BADORDER;
+	  goto failure;
+      }
   }
 
   r = krb5_verify_checksum (context,
@@ -46,11 +56,17 @@ krb5_rd_safe(krb5_context context,
 			    safe.safe_body.user_data.length,
 			    &safe.cksum);
   if (r)
-    return r;
+      goto failure;
   outbuf->length = safe.safe_body.user_data.length;
   outbuf->data   = malloc(outbuf->length);
-  if (outbuf->data == NULL)
-    return ENOMEM;
+  if (outbuf->data == NULL) {
+      r = ENOMEM;
+      goto failure;
+  }
   memcpy (outbuf->data, safe.safe_body.user_data.data, outbuf->length);
+  free_KRB_SAFE (&safe);
   return 0;
+failure:
+  free_KRB_SAFE (&safe);
+  return r;
 }