Skip Menu |
 

History Show all quoted textShow full headers
# Wed Jun 20 10:54:47 2018 Bean Zhang <bean.zhang@centrify.com> - Ticket created
From: Bean Zhang <bean.zhang@centrify.com>
To: "krb5-bugs@mit.edu" <krb5-bugs@mit.edu>
Subject: Resource leak in read_secret_file()
Date: Wed, 20 Jun 2018 03:47:14 +0000
Download (untitled) / with headers
text/plain 360B
Download (untitled) / with headers
text/html 793B
Hi Team,

In read_secret_file() of krb5-1.16.1/src/plugins/preauth/otp/otp_state.c,
When calls k5_path_join(), will store the allocated memory to filename,
later if this function returns, it does not free the memory filename points to.

The fix is to call "free(filename)" before function returns.

Could someone help to take a look?

Thanks,
Bean
# Thu Jun 28 00:52:47 2018 ghudson@mit.edu (Greg Hudson) - Given to ghudson@mit.edu (Greg Hudson)
# Thu Jun 28 00:52:47 2018 ghudson@mit.edu (Greg Hudson) - Target_Version 1.16-next added
# Thu Jun 28 00:52:47 2018 ghudson@mit.edu (Greg Hudson) - Target_Version 1.15-next added
# Thu Jun 28 00:52:47 2018 ghudson@mit.edu (Greg Hudson) - Tags pullup added
# Thu Jun 28 00:52:47 2018 ghudson@mit.edu (Greg Hudson) - Status changed from 'new' to 'resolved'
# Thu Jun 28 00:52:47 2018 ghudson@mit.edu (Greg Hudson) - Correspondence added
From: ghudson@mit.edu
Subject: git commit
Download (untitled) / with headers
text/plain 591B

Fix OTP secret file leak and whitespace removal

In read_secret_file() in the OTP kdcpreauth module, add a cleanup
label and free filename on exit. Also fix the whitespace stripping
code to correctly find the end offset, and use size_t rather than int
offsets. The leak was reported by Bean Zhang.

https://github.com/krb5/krb5/commit/396c736c0add2e13f4a9aaaefc9c86445b701953
Author: Greg Hudson <ghudson@mit.edu>
Commit: 396c736c0add2e13f4a9aaaefc9c86445b701953
Branch: master
src/plugins/preauth/otp/otp_state.c | 15 +++++++++------
1 files changed, 9 insertions(+), 6 deletions(-)
# Sat Oct 27 11:45:53 2018 ghudson@mit.edu (Greg Hudson) - Version_Fixed 1.17 added
# Tue Oct 30 12:25:39 2018 ghudson@mit.edu (Greg Hudson) - Version_Fixed 1.16.2 added
# Tue Oct 30 12:25:39 2018 ghudson@mit.edu (Greg Hudson) - Correspondence added
From: ghudson@mit.edu
Subject: git commit
Download (untitled) / with headers
text/plain 664B

Fix OTP secret file leak and whitespace removal

In read_secret_file() in the OTP kdcpreauth module, add a cleanup
label and free filename on exit. Also fix the whitespace stripping
code to correctly find the end offset, and use size_t rather than int
offsets. The leak was reported by Bean Zhang.

(cherry picked from commit 396c736c0add2e13f4a9aaaefc9c86445b701953)

https://github.com/krb5/krb5/commit/e7e666c8ecd0f2e515a28dcc8eb6b67a3557243a
Author: Greg Hudson <ghudson@mit.edu>
Commit: e7e666c8ecd0f2e515a28dcc8eb6b67a3557243a
Branch: krb5-1.16
src/plugins/preauth/otp/otp_state.c | 15 +++++++++------
1 files changed, 9 insertions(+), 6 deletions(-)
# Tue Oct 30 12:27:36 2018 ghudson@mit.edu (Greg Hudson) - Version_Fixed 1.15.4 added
# Tue Oct 30 12:27:36 2018 ghudson@mit.edu (Greg Hudson) - Correspondence added
From: ghudson@mit.edu
Subject: git commit
Download (untitled) / with headers
text/plain 664B

Fix OTP secret file leak and whitespace removal

In read_secret_file() in the OTP kdcpreauth module, add a cleanup
label and free filename on exit. Also fix the whitespace stripping
code to correctly find the end offset, and use size_t rather than int
offsets. The leak was reported by Bean Zhang.

(cherry picked from commit 396c736c0add2e13f4a9aaaefc9c86445b701953)

https://github.com/krb5/krb5/commit/e5d7803051f2d5d8d3b58926693fe63f3cef4380
Author: Greg Hudson <ghudson@mit.edu>
Commit: e5d7803051f2d5d8d3b58926693fe63f3cef4380
Branch: krb5-1.15
src/plugins/preauth/otp/otp_state.c | 15 +++++++++------
1 files changed, 9 insertions(+), 6 deletions(-)
# Tue Oct 30 12:29:00 2018 ghudson@mit.edu (Greg Hudson) - CustomField pullup deleted