[krb5] fix a memory leak when obtaining creds via keytabs
Nalin Dahyabhai
nalin at fedoraproject.org
Thu Feb 28 21:47:06 UTC 2013
commit 6fdbb463fca04e2299ac716b0520b483016634a4
Author: Nalin Dahyabhai <nalin at redhat.com>
Date: Thu Feb 28 15:57:44 2013 -0500
fix a memory leak when obtaining creds via keytabs
- fix a memory leak when acquiring credentials using a keytab (RT#7586, #911110)
krb5-lookup_etypes-leak.patch | 42 +++++++++++++++++++++++++++++++++++++++++
krb5.spec | 7 +++++-
2 files changed, 48 insertions(+), 1 deletions(-)
---
diff --git a/krb5-lookup_etypes-leak.patch b/krb5-lookup_etypes-leak.patch
new file mode 100644
index 0000000..9c7e082
--- /dev/null
+++ b/krb5-lookup_etypes-leak.patch
@@ -0,0 +1,42 @@
+Petr Spacek notes that when we walk the keytab in lookup_etypes_for_keytab(),
+we don't free entries when we're finished examining them. Ensure that when
+krb5_kt_next_entry() succeeds, we make sure to free the entry storage before we
+exit the current loop iteration. (RT#7586)
+
+--- a/src/lib/krb5/krb/gic_keytab.c
++++ b/src/lib/krb5/krb/gic_keytab.c
+@@ -110,9 +110,9 @@ lookup_etypes_for_keytab(krb5_context context, krb5_keytab keytab,
+ goto cleanup;
+
+ if (!krb5_c_valid_enctype(entry.key.enctype))
+- continue;
++ goto next_entry;
+ if (!krb5_principal_compare(context, entry.principal, client))
+- continue;
++ goto next_entry;
+ /* Make sure our list is for the highest kvno found for client. */
+ if (entry.vno > max_kvno) {
+ free(etypes);
+@@ -120,11 +120,12 @@ lookup_etypes_for_keytab(krb5_context context, krb5_keytab keytab,
+ count = 0;
+ max_kvno = entry.vno;
+ } else if (entry.vno != max_kvno)
+- continue;
++ goto next_entry;
+
+ /* Leave room for the terminator and possibly a second entry. */
+ p = realloc(etypes, (count + 3) * sizeof(*etypes));
+ if (p == NULL) {
++ krb5_free_keytab_entry_contents(context, &entry);
+ ret = ENOMEM;
+ goto cleanup;
+ }
+@@ -136,6 +137,8 @@ lookup_etypes_for_keytab(krb5_context context, krb5_keytab keytab,
+ entry.key.enctype == ENCTYPE_DES_CBC_MD4)
+ etypes[count++] = ENCTYPE_DES_CBC_CRC;
+ etypes[count] = 0;
++next_entry:
++ krb5_free_keytab_entry_contents(context, &entry);
+ }
+
+ ret = 0;
diff --git a/krb5.spec b/krb5.spec
index aecceff..5e9010e 100644
--- a/krb5.spec
+++ b/krb5.spec
@@ -30,7 +30,7 @@
Summary: The Kerberos network authentication system
Name: krb5
Version: 1.11.1
-Release: 2%{?dist}
+Release: 3%{?dist}
# Maybe we should explode from the now-available-to-everybody tarball instead?
# http://web.mit.edu/kerberos/dist/krb5/1.11/krb5-1.11.1-signed.tar
Source0: krb5-%{version}.tar.gz
@@ -73,6 +73,7 @@ Patch75: krb5-pkinit-debug.patch
Patch86: krb5-1.9-debuginfo.patch
Patch105: krb5-kvno-230379.patch
Patch113: krb5-1.11-alpha1-init.patch
+Patch114: krb5-lookup_etypes-leak.patch
License: MIT
URL: http://web.mit.edu/kerberos/www/
@@ -282,6 +283,7 @@ ln -s NOTICE LICENSE
%patch86 -p0 -b .debuginfo
%patch105 -p1 -b .kvno
%patch113 -p1 -b .init
+%patch114 -p1 -b .lookup_etypes-leak
# Take the execute bit off of documentation.
chmod -x doc/krb5-protocol/*.txt
@@ -793,6 +795,9 @@ exit 0
%{_sbindir}/uuserver
%changelog
+* Thu Feb 28 2013 Nalin Dahyabhai <nalin at redhat.com> 1.11.1-3
+- fix a memory leak when acquiring credentials using a keytab (RT#7586, #911110)
+
* Wed Feb 27 2013 Nalin Dahyabhai <nalin at redhat.com> 1.11.1-2
- prebuild PDF docs to reduce multilib differences (internal tooling, #884065)
- drop the kerberos-iv portreserve file, and drop the rest on systemd systems
More information about the scm-commits
mailing list