Skip Menu |

From: Bean Zhang <>
To: "" <>
Subject: Resource leak in kdb5_purge_mkeys()
Date: Tue, 19 Jun 2018 08:16:01 +0000
Hi Team,

In kdb5_purge_mkeys() of krb5-1.16.1/src/kadmin/dbutil/kdb5_mkey.c,
When calls krb5_dbe_lookup_mkey_aux(), will store the allocated memory to mkey_aux_list,
later if krb5_dbe_update_mkey_aux() fails, this function returns without
freeing the memory that mkey_aux_list points to.

The fix is to call "goto cleanup_return;" instead of "return;"

Could someone help to take a look?

Subject: git commit

Fix minor leak in kdb5_util purge_mkeys

In kdb5_purge_mkeys(), if krb5_dbe_update_mkey_aux() fails, use the
cleanup label to free any allocated memory instead of returning
immediately. Reported by Bean Zhang.
Author: Greg Hudson <>
Commit: 6d822841648761ac888b9a95693ad87a8aaf165c
Branch: master
src/kadmin/dbutil/kdb5_mkey.c | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)