nfs-utils/SOURCES/nfs-utils-2.3.3-gssd-memoryleak.patch
2021-09-09 22:48:24 +00:00

119 lines
3.4 KiB
Diff

diff --git a/utils/gssd/krb5_util.c b/utils/gssd/krb5_util.c
index eb993aab..26e51edf 100644
--- a/utils/gssd/krb5_util.c
+++ b/utils/gssd/krb5_util.c
@@ -459,7 +459,7 @@ gssd_get_single_krb5_cred(krb5_context context,
if (ccache)
krb5_cc_close(context, ccache);
krb5_free_cred_contents(context, &my_creds);
- free(k5err);
+ krb5_free_string(context, k5err);
return (code);
}
@@ -698,7 +698,7 @@ gssd_search_krb5_keytab(krb5_context context, krb5_keytab kt,
"we failed to unparse principal name: %s\n",
k5err);
k5_free_kt_entry(context, kte);
- free(k5err);
+ krb5_free_string(context, k5err);
k5err = NULL;
continue;
}
@@ -745,7 +745,7 @@ gssd_search_krb5_keytab(krb5_context context, krb5_keytab kt,
if (retval < 0)
retval = 0;
out:
- free(k5err);
+ krb5_free_string(context, k5err);
return retval;
}
@@ -774,7 +774,7 @@ find_keytab_entry(krb5_context context, krb5_keytab kt,
int tried_all = 0, tried_default = 0, tried_upper = 0;
krb5_principal princ;
const char *notsetstr = "not set";
- char *adhostoverride;
+ char *adhostoverride = NULL;
/* Get full target hostname */
@@ -802,7 +802,6 @@ find_keytab_entry(krb5_context context, krb5_keytab kt,
adhostoverride);
/* No overflow: Windows cannot handle strings longer than 19 chars */
strcpy(myhostad, adhostoverride);
- free(adhostoverride);
} else {
strcpy(myhostad, myhostname);
for (i = 0; myhostad[i] != 0; ++i) {
@@ -811,6 +810,8 @@ find_keytab_entry(krb5_context context, krb5_keytab kt,
myhostad[i] = '$';
myhostad[i+1] = 0;
}
+ if (adhostoverride)
+ krb5_free_string(context, adhostoverride);
if (!srchost) {
retval = get_full_hostname(myhostname, myhostname, sizeof(myhostname));
@@ -901,7 +902,7 @@ find_keytab_entry(krb5_context context, krb5_keytab kt,
k5err = gssd_k5_err_msg(context, code);
printerr(1, "%s while building principal for '%s'\n",
k5err, spn);
- free(k5err);
+ krb5_free_string(context, k5err);
k5err = NULL;
continue;
}
@@ -911,7 +912,7 @@ find_keytab_entry(krb5_context context, krb5_keytab kt,
k5err = gssd_k5_err_msg(context, code);
printerr(3, "%s while getting keytab entry for '%s'\n",
k5err, spn);
- free(k5err);
+ krb5_free_string(context, k5err);
k5err = NULL;
/*
* We tried the active directory machine account
@@ -960,7 +961,7 @@ out:
k5_free_default_realm(context, default_realm);
if (realmnames)
krb5_free_host_realm(context, realmnames);
- free(k5err);
+ krb5_free_string(context, k5err);
return retval;
}
@@ -1223,7 +1224,7 @@ gssd_destroy_krb5_machine_creds(void)
printerr(0, "WARNING: %s while resolving credential "
"cache '%s' for destruction\n", k5err,
ple->ccname);
- free(k5err);
+ krb5_free_string(context, k5err);
k5err = NULL;
continue;
}
@@ -1232,13 +1233,13 @@ gssd_destroy_krb5_machine_creds(void)
k5err = gssd_k5_err_msg(context, code);
printerr(0, "WARNING: %s while destroying credential "
"cache '%s'\n", k5err, ple->ccname);
- free(k5err);
+ krb5_free_string(context, k5err);
k5err = NULL;
}
}
krb5_free_context(context);
out:
- free(k5err);
+ krb5_free_string(context, k5err);
}
/*
@@ -1321,7 +1322,7 @@ out_free_kt:
out_free_context:
krb5_free_context(context);
out:
- free(k5err);
+ krb5_free_string(context, k5err);
return retval;
}