kadmind: fix pw leak from CVE-2016-2400 fix

This commit is contained in:
Nicolas Williams
2016-02-29 18:34:57 -06:00
parent 644b45939e
commit e193671854

View File

@@ -194,6 +194,8 @@ kadmind_dispatch(void *kadm_handlep, krb5_boolean initial,
ret = check_aliases(contextp, &ent, NULL);
if (ret) {
kadm5_free_principal_ent(kadm_handlep, &ent);
memset(password, 0, strlen(password));
free(password);
goto fail;
}
}