From: | Bean Zhang <bean.zhang@centrify.com> |
To: | "krb5-bugs@mit.edu" <krb5-bugs@mit.edu> |
Subject: | Resource leak in kr_remote_send() |
Date: | Tue, 19 Jun 2018 09:02:09 +0000 |
In cache_set() of krb5-1.16.1/src/lib/rpc/svc_udp.c,
When calls ALLOC(), will store the allocated memory to victim,
later if mem_alloc() fails, this function returns without
freeing the memory that victim points to.
The fix is to call "mem_free(r)" if this function returns on calling mem_alloc() failure.
Could someone help to take a look?
Thanks,
Bean