Skip Menu |

Subject: Memory leak/improper data storage in serializer of krb5_context
From: Ezra Peisach <epeisach@MIT.EDU>
To: krb5-bugs@MIT.EDU
Date: 16 May 2003 13:59:47 -0400

Now that the os_context is directly part of the krb5_context structure -
(as opposed to a pointer to the os_context), there appears to be a
memory leak in the serailizer library...


krb5_context_internalize allocates memory for the krb5_context

About line 175, krb5_internalize_opaque called with a pointer to the
os_context structure in the krb5_context. This then gets to
krb5_oscontext_internalize - which allocates the memory for the
krb5_os_context. This pointer is then stored in the pointer passed in
from krb5_context_internalize....

Hmm - on second thought - this is simply wrong... It is overwriting the
structure with a pointer - so the code is even more broken....

Anyways - krb5_context_internalize should pass a pointer to a
krb5_os_context *, and then copy the data back into the krb5_context...

My bad ... I changed the pointer in krb5_context to a directly
incorporated member, and overlooked this allocation point. Thanks for
catching it. I'll get a fix in soon.
Subject: CVS Commit
* ser_ctx.c (krb5_context_internalize): Copy read-in OS context data into
krb5_context and free up the newly allocated OS context.

To generate a diff of this commit:

cvs diff -r5.394 -r5.395 krb5/src/lib/krb5/krb/ChangeLog
cvs diff -r5.15 -r5.16 krb5/src/lib/krb5/krb/ser_ctx.c
I've run some purify tests, I think this is okay now.