Content-Type: text/plain Content-Disposition: inline Content-Transfer-Encoding: binary MIME-Version: 1.0 X-Mailer: MIME-tools 5.411 (Entity 5.404) X-RT-Original-Encoding: iso-8859-1 Content-Length: 4259 From krb5-bugs-incoming-bounces@PCH.mit.edu Mon Oct 30 18:37:08 2006 Received: from pch.mit.edu (PCH.MIT.EDU [18.7.21.90]) by krbdev.mit.edu (8.9.3p2) with ESMTP id SAA02615; Mon, 30 Oct 2006 18:37:07 -0500 (EST) Received: from pch.mit.edu (pch.mit.edu [127.0.0.1]) by pch.mit.edu (8.13.6/8.12.8) with ESMTP id k9UNabev022521; Mon, 30 Oct 2006 18:36:37 -0500 Received: from pacific-carrier-annex.mit.edu (PACIFIC-CARRIER-ANNEX.MIT.EDU [18.7.21.83]) by pch.mit.edu (8.13.6/8.12.8) with ESMTP id k9UMHPvL031674 for ; Mon, 30 Oct 2006 17:17:25 -0500 Received: from mit.edu (W92-130-BARRACUDA-2.MIT.EDU [18.7.21.223]) by pacific-carrier-annex.mit.edu (8.13.6/8.9.2) with ESMTP id k9UMHAqZ009044 for ; Mon, 30 Oct 2006 17:17:10 -0500 (EST) Received: from mx1.redhat.com (mx1.redhat.com [66.187.233.31]) by mit.edu (Spam Firewall) with ESMTP id F085E2775E6 for ; Mon, 30 Oct 2006 17:17:09 -0500 (EST) Received: from int-mx1.corp.redhat.com (int-mx1.corp.redhat.com [172.16.52.254]) by mx1.redhat.com (8.12.11.20060308/8.12.11) with ESMTP id k9UMH9JB011113 for ; Mon, 30 Oct 2006 17:17:09 -0500 Received: from localhost.localdomain (sparky.boston.redhat.com [172.16.80.55]) by int-mx1.corp.redhat.com (8.13.1/8.13.1) with ESMTP id k9UMH8Eo024205 for ; Mon, 30 Oct 2006 17:17:09 -0500 Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by localhost.localdomain (8.13.8/8.13.8) with ESMTP id k9UM2lYY008021 for ; Mon, 30 Oct 2006 17:02:47 -0500 Received: (from nalin@localhost) by localhost.localdomain (8.13.8/8.13.8/Submit) id k9UM2l29008020; Mon, 30 Oct 2006 17:02:47 -0500 Date: Mon, 30 Oct 2006 17:02:47 -0500 From: Nalin Dahyabhai Message-Id: <200610302202.k9UM2l29008020@localhost.localdomain> To: krb5-bugs@mit.edu X-send-pr-version: 3.99 X-Spam-Score: 0.95 X-Spam-Flag: NO X-Scanned-By: MIMEDefang 2.42 X-Mailman-Approved-At: Mon, 30 Oct 2006 18:36:36 -0500 X-BeenThere: krb5-bugs-incoming@mailman.mit.edu X-Mailman-Version: 2.1.6 Precedence: list Reply-To: nalin@redhat.com Sender: krb5-bugs-incoming-bounces@PCH.mit.edu Errors-To: krb5-bugs-incoming-bounces@PCH.mit.edu >Submitter-Id: net >Originator: Nalin Dahyabhai >Organization: Red Hat >Confidential: no >Synopsis: leaks in preauth plugin support >Severity: non-critical >Priority: low >Category: krb5-libs >Class: sw-bug >Release: pre-1.6 >Environment: System: Linux sparky 2.6.18-1.2798.fc6 #1 SMP Mon Oct 16 14:37:32 EDT 2006 i686 athlon i386 GNU/Linux Architecture: i686 >Description: The list of plugin vtables returned by krb5int_get_plugin_dir_data() isn't getting freed, either in the client library or in the KDC. >Fix: Index: src/kdc/kdc_preauth.c =================================================================== --- src/kdc/kdc_preauth.c (revision 18750) +++ src/kdc/kdc_preauth.c (working copy) @@ -349,6 +352,7 @@ * leave room for a terminator entry. */ preauth_systems = malloc(sizeof(krb5_preauth_systems) * (module_count + 1)); if (preauth_systems == NULL) { + krb5int_free_plugin_dir_data(preauth_plugins_ftables); return ENOMEM; } @@ -414,6 +418,7 @@ } } } + krb5int_free_plugin_dir_data(preauth_plugins_ftables); n_preauth_systems = k; /* Add the end-of-list marker. */ preauth_systems[k].name = "[end]"; Index: src/lib/krb5/krb/preauth2.c =================================================================== --- src/lib/krb5/krb/preauth2.c (revision 18750) +++ src/lib/krb5/krb/preauth2.c (working copy) @@ -167,11 +167,13 @@ /* allocate the space we need */ context = malloc(sizeof(*context)); if (context == NULL) { + krb5int_free_plugin_dir_data(tables); return; } context->modules = malloc(sizeof(context->modules[0]) * n_modules); if (context->modules == NULL) { free(context); + krb5int_free_plugin_dir_data(tables); return; } memset(context->modules, 0, sizeof(context->modules[0]) * n_modules); @@ -216,6 +219,7 @@ } } + krb5int_free_plugin_dir_data(tables); /* return the result */ *preauth_context = context; }