diff options
| author | Matthias Dieter Wallnöfer <mdw@samba.org> | 2010-12-04 16:38:02 +0100 |
|---|---|---|
| committer | Matthias Dieter Wallnöfer <mdw@samba.org> | 2010-12-04 16:40:25 +0100 |
| commit | f1db3c52de6e5a68efe697a9af3497251c30f8fb (patch) | |
| tree | 24874d87de1af5cda8a1ddc17bc2fc0077910a27 /source4/auth | |
| parent | ee311beabe0dd9f904f05a4c8d8bab065eda1fb7 (diff) | |
| download | samba-f1db3c52de6e5a68efe697a9af3497251c30f8fb.tar.gz samba-f1db3c52de6e5a68efe697a9af3497251c30f8fb.tar.bz2 samba-f1db3c52de6e5a68efe697a9af3497251c30f8fb.zip | |
s4:auth/gensec/gensec_krb5.c - fix/reorder memory free operations
To prevent memory leaks
Diffstat (limited to 'source4/auth')
| -rw-r--r-- | source4/auth/gensec/gensec_krb5.c | 18 |
1 files changed, 15 insertions, 3 deletions
diff --git a/source4/auth/gensec/gensec_krb5.c b/source4/auth/gensec/gensec_krb5.c index deb22adb2d..fc96e3851c 100644 --- a/source4/auth/gensec/gensec_krb5.c +++ b/source4/auth/gensec/gensec_krb5.c @@ -153,6 +153,7 @@ static NTSTATUS gensec_krb5_start(struct gensec_security *gensec_security, bool (struct sockaddr *) &ss, sizeof(struct sockaddr_storage)); if (socklen < 0) { + talloc_free(gensec_krb5_state); return NT_STATUS_INTERNAL_ERROR; } ret = krb5_sockaddr2address(gensec_krb5_state->smb_krb5_context->krb5_context, @@ -175,6 +176,7 @@ static NTSTATUS gensec_krb5_start(struct gensec_security *gensec_security, bool (struct sockaddr *) &ss, sizeof(struct sockaddr_storage)); if (socklen < 0) { + talloc_free(gensec_krb5_state); return NT_STATUS_INTERNAL_ERROR; } ret = krb5_sockaddr2address(gensec_krb5_state->smb_krb5_context->krb5_context, @@ -633,6 +635,7 @@ static NTSTATUS gensec_krb5_session_info(struct gensec_security *gensec_security DEBUG(1, ("Unable to parse client principal: %s\n", smb_get_krb5_error_message(context, ret, mem_ctx))); + krb5_free_principal(context, client_principal); talloc_free(mem_ctx); return NT_STATUS_NO_MEMORY; } @@ -646,8 +649,9 @@ static NTSTATUS gensec_krb5_session_info(struct gensec_security *gensec_security principal_string, smb_get_krb5_error_message(context, ret, mem_ctx))); - krb5_free_principal(context, client_principal); free(principal_string); + krb5_free_principal(context, client_principal); + talloc_free(mem_ctx); return NT_STATUS_ACCESS_DENIED; } else if (ret) { /* NO pac */ @@ -664,6 +668,8 @@ static NTSTATUS gensec_krb5_session_info(struct gensec_security *gensec_security principal_string, NULL, &server_info); if (!NT_STATUS_IS_OK(nt_status)) { + free(principal_string); + krb5_free_principal(context, client_principal); talloc_free(mem_ctx); return nt_status; } @@ -678,10 +684,10 @@ static NTSTATUS gensec_krb5_session_info(struct gensec_security *gensec_security } else { /* Found pac */ union netr_Validation validation; - free(principal_string); pac = data_blob_talloc(mem_ctx, pac_data.data, pac_data.length); if (!pac.data) { + free(principal_string); krb5_free_principal(context, client_principal); talloc_free(mem_ctx); return NT_STATUS_NO_MEMORY; @@ -694,9 +700,10 @@ static NTSTATUS gensec_krb5_session_info(struct gensec_security *gensec_security NULL, gensec_krb5_state->keyblock, client_principal, gensec_krb5_state->ticket->ticket.authtime, NULL); - krb5_free_principal(context, client_principal); if (!NT_STATUS_IS_OK(nt_status)) { + free(principal_string); + krb5_free_principal(context, client_principal); talloc_free(mem_ctx); return nt_status; } @@ -707,11 +714,16 @@ static NTSTATUS gensec_krb5_session_info(struct gensec_security *gensec_security 3, &validation, &server_info); if (!NT_STATUS_IS_OK(nt_status)) { + free(principal_string); + krb5_free_principal(context, client_principal); talloc_free(mem_ctx); return nt_status; } } + free(principal_string); + krb5_free_principal(context, client_principal); + /* references the server_info into the session_info */ nt_status = gensec_generate_session_info(mem_ctx, gensec_security, server_info, &session_info); |