From: | Bean Zhang <bean.zhang@centrify.com> |
To: | "krb5-bugs@mit.edu" <krb5-bugs@mit.edu> |
Subject: | Resource leak in kdb5_purge_mkeys() |
Date: | Tue, 19 Jun 2018 08:16:01 +0000 |
Hi Team,
In kdb5_purge_mkeys() of krb5-1.16.1/src/kadmin/dbutil/kdb5_mkey.c,
When calls krb5_dbe_lookup_mkey_aux(), will store the allocated memory to mkey_aux_list,
later if krb5_dbe_update_mkey_aux() fails, this function returns without
freeing the memory that mkey_aux_list points to.
The fix is to call "goto cleanup_return;" instead of "return;"
Could someone help to take a look?
Thanks,
Bean