Skip Menu |

Subject: CVS Commit
Derrick Schommer reports that arcfour's string_to_key function leaks
memory. This is true; it copies the password to convert to utf16 and
never frees the copy. It does memset the copy to 0 when done.

To generate a diff of this commit:

cvs diff -r1.21 -r1.22 krb5/src/lib/crypto/arcfour/ChangeLog
cvs diff -r1.6 -r1.7 krb5/src/lib/crypto/arcfour/string_to_key.c