I found this while running an application under valgrind in search of a
bug in my code.  In kadm5_get_init_creds, the local variable "client" is
initialized with krb5_parse_name, then never freed.  I believe something
like the attached patch is appropriate.

I found this on a Fedora Core 6 box, which has Kerberos 1.5 installed.
However, I downloaded the 1.6 release and verified that the leak is
still present.

Please CC me if you need anything more, as I am not subscribed to this
list.  This is a drive-by patching.

--- src/lib/kadm5/clnt/client_init.c.ORIG	2006-05-15 19:45:00.000000000 -0600
+++ src/lib/kadm5/clnt/client_init.c	2007-03-03 19:57:26.000000000 -0700
@@ -410,7 +410,7 @@
 		      strlen(krb5_cc_get_name(handle->context, ccache)) + 2);
 	  if (handle->cache_name == NULL) {
 	       code = ENOMEM;
-	       goto error;
+	       goto error2;
 	  }
 	  sprintf(handle->cache_name, "%s:%s",
 		  krb5_cc_get_type(handle->context, ccache),
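Review bot: Switching the ENOMEM branch to `goto error2` only closes the leak if every exit taken after krb5_parse_name uses the new label, and the patch retargets three sites without showing the code between the hunks. Any `goto error` left after the parse and before line 410 would still skip the free. A less fragile shape is to initialize `client` to NULL at its declaration and call krb5_free_principal under the existing `error:` label, provided krb5_free_principal in this tree accepts a NULL principal; then no site has to choose between two labels.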
@@ -425,11 +425,11 @@
 	  code = krb5_cc_resolve(handle->context, handle->cache_name,
 				 &ccache);
 	  if (code) 
-	       goto error;
+	       goto error2;
 
 	  code = krb5_cc_initialize (handle->context, ccache, client);
 	  if (code) 
-	       goto error;
+	       goto error2;
 
 	  handle->destroy_cache = 1;
      }
@@ -451,6 +451,8 @@
      if (code == KRB5KDC_ERR_S_PRINCIPAL_UNKNOWN)
 	  code = KADM5_SECURE_PRINC_MISSING;
 
+error2:
+     krb5_free_principal(handle->context, client);
 error:
      if (ccache != NULL && init_type != INIT_CREDS)
 	  krb5_cc_close(handle->context, ccache);
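Review bot: The new `error2:` label sits directly above `error:` and relies on fall-through, with nothing in the code saying so. The success path also runs through it, which is what frees `client` on normal return, so the label is really a shared cleanup step rather than an error target. Please give it a name that says what it releases (for example `free_client:`) and add a one-line comment that falling through into `error:` is intentional, so a later edit that inserts a `return` or reorders the labels does not silently reintroduce the leak.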
Regards,
-- 
Jerry James, Assistant Professor        [EMAIL PROTECTED]
Computer Science Department             http://www.cs.usu.edu/~jerry/
Utah State University
________________________________________________
Kerberos mailing list           Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
