Skip Menu |
 

From: Bean Zhang <bean.zhang@centrify.com>
To: "krb5-bugs@mit.edu" <krb5-bugs@mit.edu>
Subject: Resource leak in kdb5_purge_mkeys()
Date: Tue, 19 Jun 2018 08:16:01 +0000
Hi Team,

In kdb5_purge_mkeys() of krb5-1.16.1/src/kadmin/dbutil/kdb5_mkey.c,
When calls krb5_dbe_lookup_mkey_aux(), will store the allocated memory to mkey_aux_list,
later if krb5_dbe_update_mkey_aux() fails, this function returns without
freeing the memory that mkey_aux_list points to.

The fix is to call "goto cleanup_return;" instead of "return;"

Could someone help to take a look?

Thanks,
Bean
From: ghudson@mit.edu
Subject: git commit

Fix minor leak in kdb5_util purge_mkeys

In kdb5_purge_mkeys(), if krb5_dbe_update_mkey_aux() fails, use the
cleanup label to free any allocated memory instead of returning
immediately. Reported by Bean Zhang.

https://github.com/krb5/krb5/commit/6d822841648761ac888b9a95693ad87a8aaf165c
Author: Greg Hudson <ghudson@mit.edu>
Commit: 6d822841648761ac888b9a95693ad87a8aaf165c
Branch: master
src/kadmin/dbutil/kdb5_mkey.c | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)