Skip Menu |
 

From: Todd Lipcon <todd@cloudera.com>
Date: Thu, 20 Oct 2016 13:50:19 -0700
Subject: Leak in krb5_cccol_have_content with truncated ccache
To: krb5-bugs@mit.edu
If I set KRB5_CCNAME to an empty file (eg /dev/null or a truncated regular file) then krb5_cccol_have_content leaks the 'cache' local variable, because krb5_cc_start_seq_get returns an error.

I'm seeing this on krb5 1.12 but looking at the trunk code the issue seems to be the same.

It's obviously low priority since a truncated ticket cache isn't a normal phenomenon, but ran into this and figured I'd report it.

-Todd
--
Todd Lipcon
Software Engineer, Cloudera
From: ghudson@mit.edu
Subject: git commit

Fix rare leak in krb5_cccol_have_content()

If krb5_cc_start_seq_get() fails inside the loop, close the current
credential cache before continuing to the next one. Reported by Todd
Lipcon.

https://github.com/krb5/krb5/commit/1735f2e74767e56ac3bd75de61d41b8363ec6ce4
Author: Greg Hudson <ghudson@mit.edu>
Commit: 1735f2e74767e56ac3bd75de61d41b8363ec6ce4
Branch: master
src/lib/krb5/ccache/cccursor.c | 4 +++-
1 files changed, 3 insertions(+), 1 deletions(-)
From: tlyu@mit.edu
Subject: git commit

Fix rare leak in krb5_cccol_have_content()

If krb5_cc_start_seq_get() fails inside the loop, close the current
credential cache before continuing to the next one. Reported by Todd
Lipcon.

(cherry picked from commit 1735f2e74767e56ac3bd75de61d41b8363ec6ce4)

https://github.com/krb5/krb5/commit/80d909e2053dffa09ec31496439e26eaf8b02560
Author: Greg Hudson <ghudson@mit.edu>
Committer: Tom Yu <tlyu@mit.edu>
Commit: 80d909e2053dffa09ec31496439e26eaf8b02560
Branch: krb5-1.14
src/lib/krb5/ccache/cccursor.c | 4 +++-
1 files changed, 3 insertions(+), 1 deletions(-)
From: tlyu@mit.edu
Subject: git commit

Fix rare leak in krb5_cccol_have_content()

If krb5_cc_start_seq_get() fails inside the loop, close the current
credential cache before continuing to the next one. Reported by Todd
Lipcon.

(cherry picked from commit 1735f2e74767e56ac3bd75de61d41b8363ec6ce4)

https://github.com/krb5/krb5/commit/3bb6e66c07a9864cc7ece0604105bd987e1d2977
Author: Greg Hudson <ghudson@mit.edu>
Committer: Tom Yu <tlyu@mit.edu>
Commit: 3bb6e66c07a9864cc7ece0604105bd987e1d2977
Branch: krb5-1.15
src/lib/krb5/ccache/cccursor.c | 4 +++-
1 files changed, 3 insertions(+), 1 deletions(-)