[HACKERS] Close handle leak in SSPI auth

Christian Ullrich Sun, 10 Jan 2016 11:59:10 -0800

Hello,

here's a one-line patch to close a handle leak in pg_SSPI_recvauth().

According to the docs, the token retrieved withQuerySecurityContextToken() must be closed.


--
Christian

diff --git a/src/backend/libpq/auth.c b/src/backend/libpq/auth.c
new file mode 100644
index 0131bfd..57c2f48
*** a/src/backend/libpq/auth.c
--- b/src/backend/libpq/auth.c
*************** pg_SSPI_recvauth(Port *port)
*** 1253,1258 ****
--- 1253,1260 ----
                                (errmsg_internal("could not get user token: 
error code %lu",
                                                                 
GetLastError())));
  
+       CloseHandle(token);
+ 
        if (!LookupAccountSid(NULL, tokenuser->User.Sid, accountname, 
&accountnamesize,
                                                  domainname, &domainnamesize, 
&accountnameuse))
                ereport(ERROR,

-- 
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers

[HACKERS] Close handle leak in SSPI auth

Reply via email to