summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorGünther Deschner <gd@samba.org>2009-03-19 16:42:54 +0100
committerGünther Deschner <gd@samba.org>2009-03-20 10:41:44 +0100
commit1524abd8bf12d82e1fb0063585fc9a465fc7bf9c (patch)
tree72003fe2d47ffa145cbb30bffb1c57548eba6e51
parent2c186be0df33664eea980c17720be41f25f91288 (diff)
downloadsamba-1524abd8bf12d82e1fb0063585fc9a465fc7bf9c.tar.gz
samba-1524abd8bf12d82e1fb0063585fc9a465fc7bf9c.tar.bz2
samba-1524abd8bf12d82e1fb0063585fc9a465fc7bf9c.zip
s3-krb5: Fix Coverity #722 (RESOURCE_LEAK).
Guenther
-rw-r--r--source3/libsmb/clikrb5.c30
1 files changed, 18 insertions, 12 deletions
diff --git a/source3/libsmb/clikrb5.c b/source3/libsmb/clikrb5.c
index 168ca63303..4ab31374e2 100644
--- a/source3/libsmb/clikrb5.c
+++ b/source3/libsmb/clikrb5.c
@@ -878,24 +878,30 @@ failed:
bool get_krb5_smb_session_key(krb5_context context, krb5_auth_context auth_context, DATA_BLOB *session_key, bool remote)
{
- krb5_keyblock *skey;
- krb5_error_code err;
- bool ret = False;
+ krb5_keyblock *skey = NULL;
+ krb5_error_code err = 0;
+ bool ret = false;
- if (remote)
+ if (remote) {
err = krb5_auth_con_getremotesubkey(context, auth_context, &skey);
- else
+ } else {
err = krb5_auth_con_getlocalsubkey(context, auth_context, &skey);
- if (err == 0 && skey != NULL) {
- DEBUG(10, ("Got KRB5 session key of length %d\n", (int)KRB5_KEY_LENGTH(skey)));
- *session_key = data_blob(KRB5_KEY_DATA(skey), KRB5_KEY_LENGTH(skey));
- dump_data_pw("KRB5 Session Key:\n", session_key->data, session_key->length);
+ }
- ret = True;
+ if (err || skey == NULL) {
+ DEBUG(10, ("KRB5 error getting session key %d\n", err));
+ goto done;
+ }
+ DEBUG(10, ("Got KRB5 session key of length %d\n", (int)KRB5_KEY_LENGTH(skey)));
+ *session_key = data_blob(KRB5_KEY_DATA(skey), KRB5_KEY_LENGTH(skey));
+ dump_data_pw("KRB5 Session Key:\n", session_key->data, session_key->length);
+
+ ret = true;
+
+ done:
+ if (skey) {
krb5_free_keyblock(context, skey);
- } else {
- DEBUG(10, ("KRB5 error getting session key %d\n", err));
}
return ret;