diff options
author | Volker Lendecke <vl@samba.org> | 2010-05-04 13:54:51 +0200 |
---|---|---|
committer | Volker Lendecke <vl@samba.org> | 2010-05-04 12:00:13 +0200 |
commit | a7b06f4c0d62b570e77360e7e29b805410379b78 (patch) | |
tree | b8ae80eae63853190135da40ec1f699015d46acf /source3/libads | |
parent | 6eb839cd1695ce8da991c19611210eefda902c0f (diff) | |
download | samba-a7b06f4c0d62b570e77360e7e29b805410379b78.tar.gz samba-a7b06f4c0d62b570e77360e7e29b805410379b78.tar.bz2 samba-a7b06f4c0d62b570e77360e7e29b805410379b78.zip |
s3: Fix a memleak in check_pac_checksum
Diffstat (limited to 'source3/libads')
-rw-r--r-- | source3/libads/authdata.c | 10 |
1 files changed, 8 insertions, 2 deletions
diff --git a/source3/libads/authdata.c b/source3/libads/authdata.c index ed158ee2d8..ee2dbde02c 100644 --- a/source3/libads/authdata.c +++ b/source3/libads/authdata.c @@ -100,6 +100,8 @@ static krb5_error_code check_pac_checksum(TALLOC_CTX *mem_ctx, DATA_BLOB *srv_sig_blob = NULL; DATA_BLOB *kdc_sig_blob = NULL; + bool bool_ret; + *pac_data_out = NULL; pac_data = TALLOC_ZERO_P(mem_ctx, struct PAC_DATA); @@ -292,10 +294,14 @@ static krb5_error_code check_pac_checksum(TALLOC_CTX *mem_ctx, return NT_STATUS_INVALID_PARAMETER; } - if (!smb_krb5_principal_compare_any_realm(context, client_principal, client_principal_pac)) { + bool_ret = smb_krb5_principal_compare_any_realm( + context, client_principal, client_principal_pac); + + krb5_free_principal(context, client_principal_pac); + + if (!bool_ret) { DEBUG(2, ("Name in PAC [%s] does not match principal name in ticket\n", logon_name->account_name)); - krb5_free_principal(context, client_principal_pac); return NT_STATUS_ACCESS_DENIED; } |