Skip Menu |
 

To: krb5-bugs@mit.edu
From: Chris Long <chris.long@nextcentury.com>
Subject: gss_add_cred_from does not free credential if passed GSS_C_NO_CREDENTIAL and is successful
Date: Mon, 20 Aug 2018 13:06:07 -0400
     >Submitter-Id:	?
     >Originator:	Chris Long
     >Organization:     Next Century
     >Confidential:	no
     >Synopsis:	gss_add_cred_from does not free credential if passed GSS_C_NO_CREDENTIAL and is successful
     >Severity:	non-critical
     >Priority:	low
     >Category:	krb5-lib
     >Class:	sw-bug
     >Release:	1.16.1
     >System: Linux pc-5000-cl 4.13.0-43-generic #48~16.04.1-Ubuntu SMP Thu May 17 12:56:46 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux
     >Machine: x86_64
     >Description:
              The function gss_add_cred_from, in g_acquire_cred.c, allocates
              union_cred if passed GSS_C_NO_CREDENTIAL for the
              input_cred_handle (line 399). However, it only frees this in the
              error condition (line 560). On success, this space is never
              freed.

     >How-To-Repeat:
              Call gss_ad_cred_from with GSS_C_NO_CREDENTIAL. Valgrind will
              report a memory leak.

     >Fix:
              Copy the free-ing code (lines 559-560) to the success
              condition (e.g., line 529).
 
From: ghudson@mit.edu
Subject: git commit

Fix memory leak in gss_add_cred() creation case

If gss_add_cred() is called with no input_cred_handle, it creates a
new credential with one element. At the end of the function, use the
created credential as the output container, rather than creating a
second one and leaking the first.

Add a test program for gss_add_cred() and run it.

https://github.com/krb5/krb5/commit/9e32161dc307a323fd36fd59e252583fe7b90526
Author: Greg Hudson <ghudson@mit.edu>
Commit: 9e32161dc307a323fd36fd59e252583fe7b90526
Branch: master
.gitignore | 1 +
src/lib/gssapi/mechglue/g_acquire_cred.c | 3 +
src/tests/gssapi/Makefile.in | 48 ++++++++-------
src/tests/gssapi/t_add_cred.c | 98 ++++++++++++++++++++++++++++++
src/tests/gssapi/t_gssapi.py | 6 +-
5 files changed, 131 insertions(+), 25 deletions(-)
From: ghudson@mit.edu
Subject: git commit

Fix memory leak in gss_add_cred() creation case

If gss_add_cred() is called with no input_cred_handle, it creates a
new credential with one element. At the end of the function, use the
created credential as the output container, rather than creating a
second one and leaking the first.

Add a test program for gss_add_cred() and run it.

(cherry picked from commit 9e32161dc307a323fd36fd59e252583fe7b90526)

https://github.com/krb5/krb5/commit/a2dfb0be1c78ba9d6fef1e37b9c6e5be5787d31a
Author: Greg Hudson <ghudson@mit.edu>
Commit: a2dfb0be1c78ba9d6fef1e37b9c6e5be5787d31a
Branch: krb5-1.16
.gitignore | 1 +
src/lib/gssapi/mechglue/g_acquire_cred.c | 3 +
src/tests/gssapi/Makefile.in | 48 ++++++++-------
src/tests/gssapi/t_add_cred.c | 98 ++++++++++++++++++++++++++++++
src/tests/gssapi/t_gssapi.py | 6 +-
5 files changed, 131 insertions(+), 25 deletions(-)
From: ghudson@mit.edu
Subject: git commit

Fix memory leak in gss_add_cred() creation case

If gss_add_cred() is called with no input_cred_handle, it creates a
new credential with one element. At the end of the function, use the
created credential as the output container, rather than creating a
second one and leaking the first.

Add a test program for gss_add_cred() and run it.

(cherry picked from commit 9e32161dc307a323fd36fd59e252583fe7b90526)

https://github.com/krb5/krb5/commit/e058595730c57032b84bacbb00806a95fd5eb470
Author: Greg Hudson <ghudson@mit.edu>
Commit: e058595730c57032b84bacbb00806a95fd5eb470
Branch: krb5-1.15
.gitignore | 1 +
src/lib/gssapi/mechglue/g_acquire_cred.c | 3 +
src/tests/gssapi/Makefile.in | 40 ++++++------
src/tests/gssapi/t_add_cred.c | 98 ++++++++++++++++++++++++++++++
src/tests/gssapi/t_gssapi.py | 6 +-
5 files changed, 127 insertions(+), 21 deletions(-)