To: krb5-bugs@mit.edu
Subject: preauth2.c leaks memory, double frees memory and uses freed data
Date: Fri, 9 May 2003 16:11:25 -0400 (EDT)
From: hartmans@MIT.EDU (Sam Hartman)
krb5_do_preauth and krb5_get_init_creds have bad memory management
interactions.
The following can happen as an example:
1) krb5_get_init_creds calls krb5_do_preauth
2) krb5_do_preauth sets up salt by copying a pointer out of etype_info
3) krb5_do_preauth calls krb5_free_etype_info
4) krb5_do_preauth returns the salt pointer it set up in 2
5) krb5_get_init_creds calls gak_fct with the salt pointer from 2
6) After gak_fct returns krb5_get_init_creds frees the salt.
This looks like a double free and a use of freed memory.
I think there may be other paths that involve leaks.
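The six-step sequence in the report, as a constructed C model added here to make the ownership problem observable; this is not krb5 code. Every name (etype_info_entry, do_preauth_buggy, do_preauth_fixed, gak_fct, get_init_creds_model) is a hypothetical stand-in, the salt string is made up, and the tracking allocator is an assumption of the model: instead of returning blocks to the system it poisons them and counts frees, so the double free and the read of freed data show up as return values rather than as undefined behaviour. The fixed variant shows the usual remedy, giving the caller its own copy of the salt before etype_info is freed.

```c
/*
 * Constructed model of the ownership bug in the report above.
 * All names are hypothetical stand-ins; this is not krb5 code.
 * The allocator wrapper does not return memory on free: it poisons the
 * block and counts frees, so the bug is observable instead of undefined.
 */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define MAX_BLOCKS 16
#define POISON 0xDD

struct block { void *p; size_t n; int frees; };
static struct block blocks[MAX_BLOCKS];
static int nblocks;

static void *tracked_alloc(size_t n) {
    if (nblocks >= MAX_BLOCKS) return NULL;
    void *p = calloc(1, n);
    if (p) { blocks[nblocks].p = p; blocks[nblocks].n = n; blocks[nblocks].frees = 0; nblocks++; }
    return p;
}

/* Count the free and overwrite the block, as a reusing allocator would. */
static void tracked_free(void *p) {
    for (int i = 0; i < nblocks; i++) {
        if (blocks[i].p == p) {
            blocks[i].frees++;
            memset(p, POISON, blocks[i].n);
            return;
        }
    }
}

static int free_count(const void *p) {
    for (int i = 0; i < nblocks; i++)
        if (blocks[i].p == p) return blocks[i].frees;
    return 0;
}

/* Release every block for real, exactly once, and forget it. */
static void tracked_reset(void) {
    for (int i = 0; i < nblocks; i++) free(blocks[i].p);
    nblocks = 0;
}

/* Hypothetical stand-in for the etype_info entry that carries the salt. */
struct etype_info_entry { char *salt; };

static struct etype_info_entry *make_etype_info(const char *salt) {
    struct etype_info_entry *e = tracked_alloc(sizeof *e);
    e->salt = tracked_alloc(strlen(salt) + 1);
    memcpy(e->salt, salt, strlen(salt) + 1);
    return e;
}

/* Frees the entry and everything it owns, including the salt. */
static void free_etype_info(struct etype_info_entry *e) {
    tracked_free(e->salt);
    tracked_free(e);
}

/* Steps 2-4 of the report: hand back the salt pointer that etype_info
 * still owns, then free etype_info. The returned pointer is dangling. */
static char *do_preauth_buggy(struct etype_info_entry *e) {
    char *salt = e->salt;
    free_etype_info(e);
    return salt;
}

/* Fixed: give the caller its own copy, so exactly one owner frees it. */
static char *do_preauth_fixed(struct etype_info_entry *e) {
    size_t n = strlen(e->salt) + 1;
    char *salt = tracked_alloc(n);
    memcpy(salt, e->salt, n);
    free_etype_info(e);
    return salt;
}

/* Hypothetical gak_fct: 1 if the salt it was handed is still intact.
 * memcmp with a known length keeps the check inside the block. */
static int gak_fct(const char *salt, const char *expected) {
    return memcmp(salt, expected, strlen(expected) + 1) == 0;
}

struct outcome { int salt_intact_in_gak; int salt_free_count; };

/* Steps 1-6 of the report with a constructed salt "EXAMPLE.COMuser". */
static struct outcome get_init_creds_model(int fixed) {
    const char *expected = "EXAMPLE.COMuser";
    struct outcome out;
    struct etype_info_entry *e = make_etype_info(expected);
    char *salt = fixed ? do_preauth_fixed(e) : do_preauth_buggy(e);   /* step 1 */
    out.salt_intact_in_gak = gak_fct(salt, expected);                 /* step 5 */
    tracked_free(salt);                                               /* step 6 */
    out.salt_free_count = free_count(salt);
    tracked_reset();
    return out;
}

int main(void) {
    struct outcome b = get_init_creds_model(0), f = get_init_creds_model(1);
    printf("buggy: salt intact in gak_fct=%d, times freed=%d\n", b.salt_intact_in_gak, b.salt_free_count);
    printf("fixed: salt intact in gak_fct=%d, times freed=%d\n", f.salt_intact_in_gak, f.salt_free_count);
    return 0;
}
```

In the buggy path the salt block is freed once by free_etype_info and again by the caller, and gak_fct reads the poisoned block; in the fixed path the caller's copy is freed exactly once and gak_fct sees the salt it expected.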