From d7928440a33dfb7345c493c2ebf92e9575d17372 Mon Sep 17 00:00:00 2001
From: Assar Westerlund <assar@sics.se>
Date: Wed, 23 Jul 1997 23:54:37 +0000
Subject: [PATCH] free more

git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@2569 ec53bebd-3082-4978-b11e-865c3cabbd6b
---
 lib/krb5/build_auth.c |  3 ++-
 lib/krb5/keytab.c     |  2 ++
 lib/krb5/mk_priv.c    |  1 +
 lib/krb5/mk_req_ext.c |  8 ++++----
 lib/krb5/rd_priv.c    |  1 +
 lib/krb5/rd_rep.c     | 31 ++++++++++++++++++++++---------
 lib/krb5/rd_req.c     | 31 +++++++++++++++++++++----------
 7 files changed, 53 insertions(+), 24 deletions(-)

diff --git a/lib/krb5/build_auth.c b/lib/krb5/build_auth.c
index 05ebfe75e..ace7d55f3 100644
--- a/lib/krb5/build_auth.c
+++ b/lib/krb5/build_auth.c
@@ -66,6 +66,7 @@ krb5_build_authenticator (krb5_context context,
   auth->subkey = NULL;
 #else
   krb5_generate_subkey (context, &cred->session, &auth->subkey);
+  free_EncryptionKey (&auth_context->local_subkey);
   copy_EncryptionKey (auth->subkey,
 		      &auth_context->local_subkey);
 #endif
@@ -98,7 +99,7 @@ krb5_build_authenticator (krb5_context context,
   if (auth_result)
     *auth_result = auth;
   else {
-    free (auth->crealm);
+    free_Authenticator (auth);
     free (auth);
   }
   return ret;
diff --git a/lib/krb5/keytab.c b/lib/krb5/keytab.c
index f913142c7..11a05eaaf 100644
--- a/lib/krb5/keytab.c
+++ b/lib/krb5/keytab.c
@@ -170,6 +170,8 @@ krb5_error_code
 krb5_kt_free_entry(krb5_context context,
 		   krb5_keytab_entry *entry)
 {
+  krb5_free_principal (context, entry->principal);
+  krb5_free_keyblock (context, &entry->keyblock);
   free (entry);
   return 0;
 }
diff --git a/lib/krb5/mk_priv.c b/lib/krb5/mk_priv.c
index b3118d62a..5eddbe27f 100644
--- a/lib/krb5/mk_priv.c
+++ b/lib/krb5/mk_priv.c
@@ -86,6 +86,7 @@ krb5_mk_priv(krb5_context context,
     return r;
 
   r = encode_KRB_PRIV (buf + sizeof(buf) - 1, sizeof(buf), &s, &len);
+  krb5_data_free (&s.enc_part.cipher);
   if (r)
     return r;
   outbuf->length = len;
diff --git a/lib/krb5/mk_req_ext.c b/lib/krb5/mk_req_ext.c
index 9e3e2430b..1ade5694f 100644
--- a/lib/krb5/mk_req_ext.c
+++ b/lib/krb5/mk_req_ext.c
@@ -49,7 +49,6 @@ krb5_mk_req_extended(krb5_context context,
 		     krb5_data *outbuf)
 {
   krb5_error_code r;
-  Authenticator *auth;
   krb5_data authenticator;
   Checksum c;
   Checksum *c_opt;
@@ -66,8 +65,9 @@ krb5_mk_req_extended(krb5_context context,
   if(r)
       return r;
       
-  copy_EncryptionKey(&in_creds->session,
-		     &ac->key);
+  free_EncryptionKey (&ac->key);
+  copy_EncryptionKey (&in_creds->session,
+		      &ac->key);
 
   if (in_data) {
 
@@ -86,7 +86,7 @@ krb5_mk_req_extended(krb5_context context,
 				ac,
 				in_creds,
 				c_opt,
-				&auth,
+				NULL,
 				&authenticator);
   if (r)
     return r;
diff --git a/lib/krb5/rd_priv.c b/lib/krb5/rd_priv.c
index d34dcceb9..ca5d22739 100644
--- a/lib/krb5/rd_priv.c
+++ b/lib/krb5/rd_priv.c
@@ -75,6 +75,7 @@ krb5_rd_priv(krb5_context context,
       goto failure;
 
   r = decode_EncKrbPrivPart (plain.data, plain.length, &part, &len);
+  krb5_data_free (&plain);
   if (r) 
       goto failure;
   
diff --git a/lib/krb5/rd_rep.c b/lib/krb5/rd_rep.c
index c3474bc42..e8502d287 100644
--- a/lib/krb5/rd_rep.c
+++ b/lib/krb5/rd_rep.c
@@ -53,13 +53,20 @@ krb5_rd_rep(krb5_context context,
   char *buf;
   krb5_data data;
 
+  krb5_data_zero (&data);
+  ret = 0;
+
   ret = decode_AP_REP(inbuf->data, inbuf->length, &ap_rep, &len);
   if (ret)
       return ret;
-  if (ap_rep.pvno != 5)
-    return KRB5KRB_AP_ERR_BADVERSION;
-  if (ap_rep.msg_type != krb_ap_rep)
-    return KRB5KRB_AP_ERR_MSG_TYPE;
+  if (ap_rep.pvno != 5) {
+    ret = KRB5KRB_AP_ERR_BADVERSION;
+    goto out;
+  }
+  if (ap_rep.msg_type != krb_ap_rep) {
+    ret = KRB5KRB_AP_ERR_MSG_TYPE;
+    goto out;
+  }
 
   ret = krb5_decrypt (context,
 		      ap_rep.enc_part.cipher.data,
@@ -68,11 +75,13 @@ krb5_rd_rep(krb5_context context,
 		      &auth_context->key,
 		      &data);
   if (ret)
-    return ret;
+      goto out;
 
   *repl = malloc(sizeof(**repl));
-  if (*repl == NULL)
-    return ENOMEM;
+  if (*repl == NULL) {
+    ret = ENOMEM;
+    goto out;
+  }
   ret = decode_EncAPRepPart(data.data,
 			    data.length,
 			    *repl, 
@@ -88,12 +97,16 @@ krb5_rd_rep(krb5_context context,
 	    auth_context->authenticator->ctime,
 	    auth_context->authenticator->cusec);
 #endif				/* Something wrong with the coding??? */
-    return KRB5KRB_AP_ERR_MUT_FAIL;
+    ret = KRB5KRB_AP_ERR_MUT_FAIL;
+    goto out;
   }
   if ((*repl)->seq_number)
     auth_context->remote_seqnumber = *((*repl)->seq_number);
   
-  return 0;
+out:
+  krb5_data_free (&data);
+  free_AP_REP (&ap_rep);
+  return ret;
 }
 
 void
diff --git a/lib/krb5/rd_req.c b/lib/krb5/rd_req.c
index 448fe7a79..27c32d50b 100644
--- a/lib/krb5/rd_req.c
+++ b/lib/krb5/rd_req.c
@@ -279,22 +279,33 @@ krb5_rd_req(krb5_context context,
 {
     krb5_keytab_entry entry;
     krb5_error_code ret;
+    krb5_keytab real_keytab;
+
     if(keytab == NULL)
-	krb5_kt_default(context, &keytab);
+	krb5_kt_default(context, &real_keytab);
+    else
+	real_keytab = keytab;
+
     ret = krb5_kt_get_entry(context,
-			    keytab,
+			    real_keytab,
 			    (krb5_principal)server,
 			    0,
 			    KEYTYPE_DES,
 			    &entry);
     if(ret)
-	return ret;
+	goto out;
     
-    return krb5_rd_req_with_keyblock(context,
-				     auth_context,
-				     inbuf,
-				     server,
-				     &entry.keyblock,
-				     ap_req_options,
-				     ticket);
+    ret = krb5_rd_req_with_keyblock(context,
+				    auth_context,
+				    inbuf,
+				    server,
+				    &entry.keyblock,
+				    ap_req_options,
+				    ticket);
+    krb5_kt_free_entry (context, &entry);
+out:
+    if (keytab == NULL)
+	krb5_kt_close (context, real_keytab);
+
+    return ret;
 }