kdc kx509: avoid double free of cprinc and s in check_authz

on error from der_parse_heim_old we early exit via out, which frees
s and cprinc; we should not do so a second time unless we explicitly
NULL the pointers but there is no value in doing so.
This commit is contained in:
Daria Phoebe Brashear
2020-01-10 12:51:20 -05:00
committed by Nico Williams
parent c6b891556e
commit bfcc7a90ed

View File

@@ -757,8 +757,6 @@ check_authz(krb5_context context,
break;
if ((ret = der_parse_heim_oid(s, ".", &oid))) {
free(cprinc);
free(s);
goto out;
}
for (k = 0; k < sizeof(eku_whitelist)/sizeof(eku_whitelist[0]); k++) {