From 973001e91a3988f4338f88599acbf4ab8978e1c9 Mon Sep 17 00:00:00 2001
From: Matthias Dieter Wallnöfer <mwallnoefer@yahoo.de>
Date: Tue, 16 Mar 2010 16:26:25 +0100
Subject: heimdal - free always "ctx->password" when it isn't needed anymore

"strdup" does always create a new object in the memory (through "malloc") which
needs to be freed if it isn't used anymore.
---
 source4/heimdal/lib/krb5/init_creds_pw.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

(limited to 'source4/heimdal/lib/krb5/init_creds_pw.c')

diff --git a/source4/heimdal/lib/krb5/init_creds_pw.c b/source4/heimdal/lib/krb5/init_creds_pw.c
index b615f5340a..f32b4186a4 100644
--- a/source4/heimdal/lib/krb5/init_creds_pw.c
+++ b/source4/heimdal/lib/krb5/init_creds_pw.c
@@ -107,6 +107,8 @@ free_init_creds_ctx(krb5_context context, krb5_init_creds_context ctx)
 	free (ctx->pre_auth_types);
     if (ctx->in_tkt_service)
 	free(ctx->in_tkt_service);
+    if (ctx->password)
+        free(ctx->password);
     if (ctx->keytab_data)
 	free(ctx->keytab_data);
     krb5_data_free(&ctx->req_buffer);
@@ -1354,7 +1356,7 @@ krb5_init_creds_set_password(krb5_context context,
 			     const char *password)
 {
     if (ctx->password)
-	memset(ctx->password, 0, strlen(ctx->password));
+        free(ctx->password);
     if (password) {
 	ctx->password = strdup(password);
 	if (ctx->password == NULL) {
-- 
cgit