Skip Menu |
 

From: Bean Zhang <bean.zhang@centrify.com>
To: "krb5-bugs@mit.edu" <krb5-bugs@mit.edu>
Subject: Resource leak in krb5_gss_inquire_cred()
Date: Fri, 15 Jun 2018 08:18:10 +0000
Hi Team,

krb5_gss_inquire_cred() in krb5-1.16.1/src/lib/gssapi/krb5/inq_cred.c
calls generic_gss_create_empty_oid_set() to create a empty oid set and store allocated memory to pointer "mechs"
but later if the code run into "goto fail", the storage mechs points to will not be freed when leaves this function.

The fix is to call gssalloc_free(mechs) in fail label.

Could someone help to take a look?

Thanks,
Bean
From: ghudson@mit.edu
Subject: git commit

Fix minor leak in krb5_gss_inquire_cred()

If mechs is created but one of the generic_gss_add_oid_set_member()
calls fails, it leaks. Initialize mechs and free it in the fail
label. Also null mechs when we transfer ownership of it to the
caller, in case we later unify the success and failure exit paths.
Reported by Bean Zhang.

https://github.com/krb5/krb5/commit/46972c0664b7cfd70c40370c22e604efc0225e14
Author: Greg Hudson <ghudson@mit.edu>
Commit: 46972c0664b7cfd70c40370c22e604efc0225e14
Branch: master
src/lib/gssapi/krb5/inq_cred.c | 7 +++++--
1 files changed, 5 insertions(+), 2 deletions(-)