Re: [SSSD] [PATCH] Validate keytab at startup

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 07/21/2010 11:51 AM, Jakub Hrozek wrote: Nack. sss_krb5_verify_keytab() should not be passed a memctx. No memory created in this function is being passed back to the caller. It would be much better to create a tmp_ctx (at the top-level) for the function and talloc_free() that in the done: label. This will make it easier to detect memory leaks with valgrind, as well. There is a bug with memory handling of the realm_name variable. If we populate this value with krb5_get_default_realm(), it needs to be freed with krb5_free_string(). Right now we would be attempting to call talloc_free() on it, and that would fail. The safest thing to do would be to pass a temporary string into krb5_get_default_realm() and then talloc_strdup() the returned value into realm_name and immediately krb5_free_string() the temporary variable. - -- Stephen Gallagher RHCE 804006346421761 Delivering value year after year. Red Hat ranks #1 in value among software vendors. http://www.redhat.com/promo/vendor/