auth-krb5: Avoid memory leaks and unread assignments

2018-09-25 16:34:19 +02:00 · 2018-09-25 16:34:19 +02:00 · f3715e62da
commit f3715e62da
parent 97ee52c0a3
1 changed files with 4 additions and 2 deletions
--- a/openssh-7.7p1-gssapi-new-unique.patch
+++ b/openssh-7.7p1-gssapi-new-unique.patch
@ -113,7 +113,7 @@ index a5a81ed2..63f877f2 100644
 	if (authctxt->krb5_user) {
 		krb5_free_principal(authctxt->krb5_ctx, authctxt->krb5_user);
 		authctxt->krb5_user = NULL;
-@@ -237,36 +287,186 @@ krb5_cleanup_proc(Authctxt *authctxt)
+@@ -237,36 +287,188 @@ krb5_cleanup_proc(Authctxt *authctxt)
 	}
 }
@ -195,7 +195,7 @@ index a5a81ed2..63f877f2 100644
 +			continue;
 +		} else {
 +			p_o = strchr(p_n, '}') + 1;
-+			p_o = '\0';
+			*p_o = '\0';
 +			debug("%s: unsupported token %s in %s", __func__, p_n, template);
 +			/* unknown token, fallback to the default */
 +			goto cleanup;
@ -307,6 +307,7 @@ index a5a81ed2..63f877f2 100644
 +	if (krb5_cc_support_switch(ctx, type)) {
 +		debug3("%s: calling cc_new_unique(%s)", __func__, ccname);
 +		ret = krb5_cc_new_unique(ctx, type, NULL, ccache);
 +		free(type);
 +		if (ret)
 +			return ret;
 +
@ -317,6 +318,7 @@ index a5a81ed2..63f877f2 100644
 +		 * it is already unique from above or the type does not support
 +		 * collections
 +		 */
 +		free(type);
 +		debug3("%s: calling cc_resolve(%s)", __func__, ccname);
 +		return (krb5_cc_resolve(ctx, ccname, ccache));
 +	}