Skip Menu |
 

From: Bean Zhang <bean.zhang@centrify.com>
To: "krb5-bugs@mit.edu" <krb5-bugs@mit.edu>
Subject: Resource leak in kr_remote_send()
Date: Tue, 19 Jun 2018 09:02:09 +0000
In cache_set() of krb5-1.16.1/src/lib/rpc/svc_udp.c,
When calls ALLOC(), will store the allocated memory to victim,
later if mem_alloc() fails, this function returns without
freeing the memory that victim points to.

The fix is to call "mem_free(r)" if this function returns on calling mem_alloc() failure.

Could someone help to take a look?

Thanks,
Bean
From: ghudson@mit.edu
Subject: git commit

Fix minor leak in gssrpc UDP cache code

In svc_udp.c:cache_set(), if victim is allocated successfully but
allocation for newbuf fails, free victim before returning. Reported
by Bean Zhang.

https://github.com/krb5/krb5/commit/909c655a9fa38102cfc9864757a33173388146ba
Author: Greg Hudson <ghudson@mit.edu>
Commit: 909c655a9fa38102cfc9864757a33173388146ba
Branch: master
src/lib/rpc/svc_udp.c | 1 +
1 files changed, 1 insertions(+), 0 deletions(-)