From 3fb5ae600efaeeb1cb7ee02d465b49bc52d111bf Mon Sep 17 00:00:00 2001
From: Matthias Dieter Wallnöfer <mdw@samba.org>
Date: Sat, 4 Dec 2010 14:24:43 +0100
Subject: s4:auth/kerberos/kerberos_pac.c - fix another memory leak regarding
 the KRB principal
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

In addition fix a counter type

Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org>
Autobuild-Date: Sat Dec  4 15:14:46 CET 2010 on sn-devel-104
---
 source4/auth/kerberos/kerberos_pac.c | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

(limited to 'source4/auth')

diff --git a/source4/auth/kerberos/kerberos_pac.c b/source4/auth/kerberos/kerberos_pac.c
index 5e31c4596d..23b875056b 100644
--- a/source4/auth/kerberos/kerberos_pac.c
+++ b/source4/auth/kerberos/kerberos_pac.c
@@ -93,7 +93,7 @@ krb5_error_code check_pac_checksum(TALLOC_CTX *mem_ctx,
 	DATA_BLOB modified_pac_blob;
 	NTTIME tgs_authtime_nttime;
 	krb5_principal client_principal_pac;
-	int i;
+	uint32_t i;
 
 	krb5_clear_error_message(context);
 
@@ -316,9 +316,12 @@ krb5_error_code check_pac_checksum(TALLOC_CTX *mem_ctx,
 	if (!krb5_principal_compare_any_realm(context, client_principal, client_principal_pac)) {
 		DEBUG(2, ("Name in PAC [%s] does not match principal name in ticket\n",
 			  logon_name->account_name));
+		krb5_free_principal(context, client_principal_pac);
 		return NT_STATUS_ACCESS_DENIED;
 	}
 
+	krb5_free_principal(context, client_principal_pac);
+
 #if 0
 	if (strcasecmp(logon_info->info3.base.account_name.string,
 		       "Administrator")== 0) {
-- 
cgit