From: | Bean Zhang <bean.zhang@centrify.com> |
To: | "krb5-bugs@mit.edu" <krb5-bugs@mit.edu> |
Subject: | Resource leak in krb5_524_conv_principal() |
Date: | Fri, 15 Jun 2018 03:39:08 +0000 |
Hi Team,
In krb5-1.16.1/src/lib/krb5/krb/conv_princ.c,
krb5_524_conv_principal() calls profile_get_string() which allocates memory and stores into temp_realm,
but later if (tmp_realm_len > REALM_SZ - 1), before "return KRB5_INVALID_PRINCIPAL", does not free the storage temp_realm points to.
The fix is simple, just call "profile_release_string(tmp_realm);" before "return KRB5_INVALID_PRINCIPAL".
Could someone help to take a look?
Thanks,
Bean