0c0e91e6d7
This is an automated DistroBaker update from upstream sources. If you do not know what this is about or would like to opt out, contact the OSCI team. Source: https://src.fedoraproject.org/rpms/gssproxy.git#8e5cc4d7fc533e97be36d2a37cf4c209610c2b44
32 lines
1.1 KiB
Diff
32 lines
1.1 KiB
Diff
From d9a37354c9a040b151fbd737b84b7cacb315ec9d Mon Sep 17 00:00:00 2001
|
|
From: Simo Sorce <simo@redhat.com>
|
|
Date: Thu, 27 Aug 2020 15:35:40 -0400
|
|
Subject: [PATCH] Always free ciphertext data in gp_encrypt_buffer
|
|
|
|
Signed-off-by: Simo Sorce <simo@redhat.com>
|
|
[rharwood@redhat.com: rewrote commit message]
|
|
Reviewed-by: Robbie Harwood <rharwood@redhat.com>
|
|
(cherry picked from commit fe9e3c29caab90daf19028fb31ff28622d8708a9)
|
|
---
|
|
src/gp_export.c | 7 +++----
|
|
1 file changed, 3 insertions(+), 4 deletions(-)
|
|
|
|
diff --git a/src/gp_export.c b/src/gp_export.c
|
|
index a5681c0..fb2f81b 100644
|
|
--- a/src/gp_export.c
|
|
+++ b/src/gp_export.c
|
|
@@ -308,10 +308,9 @@ static int gp_encrypt_buffer(krb5_context context, krb5_keyblock *key,
|
|
ret = gp_conv_octet_string(enc_handle.ciphertext.length,
|
|
enc_handle.ciphertext.data,
|
|
out);
|
|
- if (ret) {
|
|
- free(enc_handle.ciphertext.data);
|
|
- goto done;
|
|
- }
|
|
+ /* the conversion function copies the data, so free our copy
|
|
+ * unconditionally, or we leak */
|
|
+ free(enc_handle.ciphertext.data);
|
|
|
|
done:
|
|
free(padded);
|