Received: from biscayne-one-station.mit.edu (BISCAYNE-ONE-STATION.MIT.EDU [18.7.7.80]) by krbdev.mit.edu (8.9.3p2) with ESMTP id UAA04478; Tue, 27 Dec 2005 20:52:02 -0500 (EST) Received: from outgoing.mit.edu (OUTGOING-AUTH.MIT.EDU [18.7.22.103]) by biscayne-one-station.mit.edu (8.12.4/8.9.2) with ESMTP id jBS1q09r019207 for ; Tue, 27 Dec 2005 20:52:01 -0500 (EST) Received: from cathode-dark-space.mit.edu (CATHODE-DARK-SPACE.MIT.EDU [18.18.1.96]) (authenticated bits=56) (User authenticated as tlyu@ATHENA.MIT.EDU) by outgoing.mit.edu (8.13.1/8.12.4) with ESMTP id jBS1prCJ002462 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT) for ; Tue, 27 Dec 2005 20:51:54 -0500 (EST) Received: (from tlyu@localhost) by cathode-dark-space.mit.edu (8.12.9) id jBS1prMS012861; Tue, 27 Dec 2005 20:51:53 -0500 (EST) To: rt@krbdev.mit.edu Subject: Re: [krbdev.mit.edu #3313] doublefree in gc_frm_kdc.c References: From: Tom Yu Date: Tue, 27 Dec 2005 20:51:53 -0500 In-Reply-To: (Jeffrey Altman via's message of "Tue, 27 Dec 2005 01:19:48 -0500 (EST)") Message-Id: Lines: 12 MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Spam-Score: 1.217 X-Spam-Level: * (1.217) X-Spam-Flag: NO X-Scanned-BY: MIMEDefang 2.42 RT-Send-Cc: X-RT-Original-Encoding: us-ascii Content-Length: 492 [Line numbers refer to file after application of Jeff's patch.] The extra call to free_cred_contents() at line 164 will never be executed, as there is no way for free_tgt to be 1 at that point. Otherwise, it appears to be functionally nearly identical to my patch. Jeff, were there any cases your patch covers which mine does not? I didn't think there were, but I wanted to make sure I wasn't missing something. This file badly needs rewriting. (I've got a rewrite in progress.) ---Tom