Subject: Memory leak/improper data storage in serializer of krb5_context
From: Ezra Peisach <epeisach@MIT.EDU>
To: krb5-bugs@MIT.EDU
Date: 16 May 2003 13:59:47 -0400

Now that the os_context is directly part of the krb5_context structure -
(as opposed to a pointer to the os_context), there appears to be a
memory leak in the serializer library...

lib/krb5/ser_ctx.c:

krb5_context_internalize allocates memory for the krb5_context
structure.

About line 175, krb5_internalize_opaque is called with a pointer to the
os_context structure in the krb5_context. This then gets to
krb5_oscontext_internalize - which allocates the memory for the
krb5_os_context. This pointer is then stored in the pointer passed in
from krb5_context_internalize....

Hmm - on second thought - this is simply wrong... It is overwriting the
structure with a pointer - so the code is even more broken....

Anyways - krb5_context_internalize should pass a pointer to a
krb5_os_context *, and then copy the data back into the krb5_context...

Ezra
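
The pattern described in this report, next to the fix it proposes, as an added C example that is not part of the original message and is not the krb5 source. The structures, `OS_MAGIC`, `os_internalize`, `internalize_buggy` and `internalize_fixed` are simplified, hypothetical stand-ins.

```c
#include <stdlib.h>
#include <string.h>

#define OS_MAGIC 0x4f53  /* constructed marker value */

/* Simplified stand-ins for the two structures (hypothetical, not krb5's).
 * struct os_ctx is at least as large as a pointer on common ABIs. */
struct os_ctx { int magic; int time_offset; long flags; };
struct ctx    { int magic; struct os_ctx os; /* embedded, not a pointer */ };

/* Internalizer contract: allocate the object and hand it back through the
 * pointer slot at argp. memcpy performs the store so the demo stays
 * well-defined even when the caller passes the wrong kind of address;
 * the effect is the same as *argp = p. */
static int os_internalize(void *argp, int time_offset)
{
    struct os_ctx *p = calloc(1, sizeof(*p));
    if (p == NULL)
        return -1;
    p->magic = OS_MAGIC;
    p->time_offset = time_offset;
    memcpy(argp, &p, sizeof(p));
    return 0;
}

/* Pattern from the report: the embedded struct's address is passed where a
 * pointer slot is expected, so a heap pointer overwrites the struct's first
 * bytes and nothing keeps a usable reference to the allocation. */
int internalize_buggy(struct ctx *c, int time_offset)
{
    return os_internalize(&c->os, time_offset);
}

/* Fix proposed in the report: receive into a real pointer, copy the data
 * into the embedded struct, then release the temporary allocation. */
int internalize_fixed(struct ctx *c, int time_offset)
{
    struct os_ctx *tmp = NULL;
    if (os_internalize(&tmp, time_offset) != 0)
        return -1;
    c->os = *tmp;
    free(tmp);
    return 0;
}
```
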