Skip Menu |
 

Subject: Memory leak in krb5_get_init_creds()
There is a memory leak in function krb5_get_init_creds() (lib/krb5/krb/get_in_tkt.c

The function calls krb5_libdefaults_string() at two places and forgets to free the returned
string tempstr. It frees the string only when the call to kr5_string_to_deltat() fails and the
function is going to return error. When the conversion is successful, memory is leaked.

Found when using the Kerberos.framework on Mac OS X 10.4.2 and checking our application
with the "leaks" utility. Version 1.4 is used there.

Attached is a patch to file get_in_tkt.c
Download get_in_tkt.patch
application/octet-stream 374B

Message body not shown because it is not plain text.

From: tlyu@mit.edu
Subject: CVS Commit
* get_in_tkt.c (krb5_get_init_creds): Free tempstr on non-error
returns from krb5_string_to_deltat() to avoid memory leak.


To generate a diff of this commit:



cvs diff -r5.475 -r5.476 krb5/src/lib/krb5/krb/ChangeLog
cvs diff -r5.111 -r5.112 krb5/src/lib/krb5/krb/get_in_tkt.c
From: tlyu@mit.edu
Subject: CVS Commit
pullup r17330 from trunk (minus cvs2svn metadata)

Commit By: tlyu



Revision: 17374
Changed Files:
U branches/krb5-1-4/src/lib/krb5/krb/ChangeLog
U branches/krb5-1-4/src/lib/krb5/krb/get_in_tkt.c