oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

Fix leak in krb5_rd_rep() callers

Browse Source
This commit is contained in:
Nicolas Williams
2016-11-20 15:51:47 -06:00
parent 943e76f99b
commit 6696920d9e
1 changed files with 14 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
lib/krb5/rd_rep.c
View File

@@ -45,6 +45,7 @@ krb5_rd_rep(krb5_context context,
krb5_data data; krb5_data data;
krb5_crypto crypto; krb5_crypto crypto;
*repl = NULL;
krb5_data_zero (&data); krb5_data_zero (&data);
ret = decode_AP_REP(inbuf->data, inbuf->length, &ap_rep, &len); ret = decode_AP_REP(inbuf->data, inbuf->length, &ap_rep, &len);
@@ -81,15 +82,13 @@ krb5_rd_rep(krb5_context context,
ret = decode_EncAPRepPart(data.data, data.length, *repl, &len); ret = decode_EncAPRepPart(data.data, data.length, *repl, &len);
if (ret) { if (ret) {
krb5_set_error_message(context, ret, N_("Failed to decode EncAPRepPart", "")); krb5_set_error_message(context, ret, N_("Failed to decode EncAPRepPart", ""));
return ret; goto out;
} }
if (auth_context->flags & KRB5_AUTH_CONTEXT_DO_TIME) { if (auth_context->flags & KRB5_AUTH_CONTEXT_DO_TIME) {
if ((*repl)->ctime != auth_context->authenticator->ctime || if ((*repl)->ctime != auth_context->authenticator->ctime ||
(*repl)->cusec != auth_context->authenticator->cusec) (*repl)->cusec != auth_context->authenticator->cusec)
{ {
krb5_free_ap_rep_enc_part(context, *repl);
*repl = NULL;
ret = KRB5KRB_AP_ERR_MUT_FAIL; ret = KRB5KRB_AP_ERR_MUT_FAIL;
krb5_clear_error_message(context); krb5_clear_error_message(context);
goto out; goto out;
@@ -102,6 +101,10 @@ krb5_rd_rep(krb5_context context,
krb5_auth_con_setremotesubkey(context, auth_context, (*repl)->subkey); krb5_auth_con_setremotesubkey(context, auth_context, (*repl)->subkey);
out: out:
if (ret) {
krb5_free_ap_rep_enc_part(context, *repl);
*repl = NULL;
}
krb5_data_free(&data); krb5_data_free(&data);
free_AP_REP(&ap_rep); free_AP_REP(&ap_rep);
return ret; return ret;