From e193671854afff76d7d7cf641344ff0cf30915dc Mon Sep 17 00:00:00 2001
From: Nicolas Williams
Date: Mon, 29 Feb 2016 18:34:57 -0600
Subject: [PATCH] kadmind: fix pw leak from CVE-2016-2400 fix
---
 kadmin/server.c | 2 ++
 1 file changed, 2 insertions(+)
diff --git a/kadmin/server.c b/kadmin/server.c
index 823769796..b339a9ac7 100644
--- a/kadmin/server.c
+++ b/kadmin/server.c
@@ -194,6 +194,8 @@ kadmind_dispatch(void *kadm_handlep, krb5_boolean initial,
 ret = check_aliases(contextp, &ent, NULL);
 if (ret) {
 kadm5_free_principal_ent(kadm_handlep, &ent);
+ memset(password, 0, strlen(password));
+ free(password);
 goto fail;
 }
 }
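Review bot: The added `memset(password, 0, strlen(password));` is immediately followed by `free(password);`, so an optimizing compiler may treat the store as dead and remove it, leaving the plaintext password in freed heap memory. A zeroization call that cannot be elided would be safer here, for example `memset_s(password, strlen(password), 0, strlen(password));` or `explicit_bzero(password, strlen(password));`, whichever the tree's portability layer provides. The hunk does not show where `password` is assigned, so it is worth confirming that it is non-NULL on this path, since `strlen(NULL)` is undefined. The body of kadmind_dispatch continues outside the hunk, so its other exits to `fail` should be checked for the same scrub-and-free.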