Subject: potential memory leak in spnego
Date: Fri, 5 Nov 2010 18:33:09 -0400
From: "Arlene Berry" <aberry@likewise.com>
To: <krb5-bugs@mit.edu>

In src/lib/gssapi/spnego/spnego_mech.c in init_ctx_new and
acc_ctx_hints, if create_spnego_ctx succeeds but put_mech_set fails, sc
will be leaked.

--- src/lib/gssapi/spnego/spnego_mech.c (revision 52308)
+++ src/lib/gssapi/spnego/spnego_mech.c (revision 52309)
@@ -664,10 +664,12 @@
*/
sc->ctx_handle = GSS_C_NO_CONTEXT;
*ctx = (gss_ctx_id_t)sc;
+ sc = NULL;
*tokflag = INIT_TOKEN_SEND;
ret = GSS_S_CONTINUE_NEEDED;

cleanup:
+ release_spnego_ctx(&sc);
gss_release_buffer(&tmpmin, &tmpoutput);
gss_delete_sec_context(&tmpmin, &tmpctx, GSS_C_NO_BUFFER);
gss_release_oid_set(&tmpmin, mechSet);
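
Review bot: the new release_spnego_ctx(&sc) under cleanup: now runs on every exit, including the success path where sc was just set to NULL and any goto cleanup taken before sc is assigned. Neither the declaration of sc nor the body of release_spnego_ctx is visible in this hunk, so please confirm that sc is initialized to NULL at declaration and that release_spnego_ctx is a no-op when *sc is NULL. A one-line comment on "sc = NULL;" stating that ownership has passed to *ctx would make the handoff obvious to the next reader.
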
@@ -1358,9 +1360,11 @@
*return_token = INIT_TOKEN_SEND;
sc->firstpass = 1;
*ctx = (gss_ctx_id_t)sc;
+ sc = NULL;
ret = GSS_S_COMPLETE;

cleanup:
+ release_spnego_ctx(&sc);
gss_release_oid_set(&tmpmin, &supported_mechSet);

return ret;
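
Review bot: with "sc = NULL;" placed directly after "*ctx = (gss_ctx_id_t)sc;", any later statement that dereferences sc in this success block would be a NULL dereference, and any failing call inserted between the two lines would free a context that *ctx still points to. The existing "sc->firstpass = 1;" is correctly above the handoff; suggest a short comment marking the assignment pair as the ownership transfer point so future edits keep all sc-> uses and all fallible calls above it.
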
From: ghudson@mit.edu
Subject: SVN Commit

Fix a couple of cases in the SPNEGO implementation where a
half-constructed SPNEGO context could be leaked. Patch from
aberry@likewise.com, slightly amended.


https://github.com/krb5/krb5/commit/152485846a37a4f44c2287b638c2d3c42162d3d0
Commit By: ghudson
Revision: 24591
Changed Files:
U trunk/src/lib/gssapi/spnego/spnego_mech.c