From 52c09adf15de7bc4bbd8ca9befaa430592b7e3aa Mon Sep 17 00:00:00 2001 From: Rick van Rein Date: Mon, 17 Oct 2016 22:31:02 +0100 Subject: [PATCH] Fixes of memory leaks in TLS-KDH handling --- src/starttls.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/src/starttls.c b/src/starttls.c index 7976945..e7fc350 100644 --- a/src/starttls.c +++ b/src/starttls.c @@ -2582,6 +2582,7 @@ prange ("cli_K", subkey.contents, subkey.length); der_pack ( auth_packer, (const dercursor *) &auth, decptr + declen); + krb5_free_keyblock_contents (krbctx_cli, &subkey); prangefull ("cli_A", decptr, declen); size_t rawlen; if (0 != krb5_c_encrypt_length (krbctx_cli, @@ -3766,9 +3767,13 @@ fprintf (stderr, "DEBUG: otfcert retrieval returned GNUTLS_E_AGAIN, so skip it\n #endif tlog (TLOG_DB, LOG_DEBUG, "BDB entry has flags=0x%08x, so we (%04x/%04x) %s it", flags, lidrole, LID_ROLE_MASK, ok? "store": "skip "); if (ok) { + if (cmd->lids [lidtype - LID_TYPE_MIN].data != NULL) { + free (cmd->lids [lidtype - LID_TYPE_MIN].data); + } // Move the credential into the command structure dbt_store (&creddata, &cmd->lids [lidtype - LID_TYPE_MIN]); +fprintf (stderr, "DEBUG: Storing cmd->lids[%d].data 0x%016x\n", lidtype-LID_TYPE_MIN, cmd->lids [lidtype-LID_TYPE_MIN].data); found = 1; } else { // Skip the credential by freeing its data structure @@ -5025,6 +5030,7 @@ fprintf (stderr, "DEBUG: Unregistered verun 0x%016x\n", (uint64_t) verun); // Cleanup any prefetched identities for (i=LID_TYPE_MIN; i<=LID_TYPE_MAX; i++) { if (cmd->lids [i - LID_TYPE_MIN].data != NULL) { +fprintf (stderr, "DEBUG: Freeing cmd->lids[%d].data 0x%016x\n", i-LID_TYPE_MIN, cmd->lids [i-LID_TYPE_MIN].data); free (cmd->lids [i - LID_TYPE_MIN].data); } } -- 1.7.10.4