[Heimdal-source-changes] [heimdal/heimdal] bfcc7a: kdc kx509: avoid double free of cprinc and s in ch...
Daria Phoebe Brashear
noreply at github.com
Fre Mars 6 18:56:06 CET 2020
Branch: refs/heads/master
Home: https://github.com/heimdal/heimdal
Commit: bfcc7a90ed1a7fcbe214d6bf29f7f98a0374be8f
https://github.com/heimdal/heimdal/commit/bfcc7a90ed1a7fcbe214d6bf29f7f98a0374be8f
Author: Daria Phoebe Brashear <dariaphoebe at auristor.com>
Date: 2020-03-06 (Fri, 06 Mar 2020)
Changed paths:
M kdc/kx509.c
Log Message:
-----------
kdc kx509: avoid double free of cprinc and s in check_authz
on error from der_parse_heim_old we early exit via out, which frees
s and cprinc; we should not do so a second time unless we explicitly
NULL the pointers but there is no value in doing so.
Commit: c2a70414026143b7e8da5d56e229c950359a7ff4
https://github.com/heimdal/heimdal/commit/c2a70414026143b7e8da5d56e229c950359a7ff4
Author: Daria Phoebe Brashear <dariaphoebe at auristor.com>
Date: 2020-03-06 (Fri, 06 Mar 2020)
Changed paths:
M lib/krb5/mk_cred.c
Log Message:
-----------
krb5_mk_ncred: clean enc_krb_cred_part before use
the early exit case can try to free enc_krb_cred_part, which will be
stack garbage. clear it before it's used.
Commit: efba1c21e974381b43ee617a2009d795a9a58131
https://github.com/heimdal/heimdal/commit/efba1c21e974381b43ee617a2009d795a9a58131
Author: Daria Phoebe Brashear <dariaphoebe at auristor.com>
Date: 2020-03-06 (Fri, 06 Mar 2020)
Changed paths:
M lib/kadm5/randkey_c.c
Log Message:
-----------
lib/kadm5 kadm5_c_randkey_principal allow keyblock cleanup on error
the code to perform cleanup is present but an overzealous goto out
precludes it from being called. break from our for loop in event of error
and allow cleanup to take place
Commit: 59d132f82569282f0cf2a10d80ce468f644c9871
https://github.com/heimdal/heimdal/commit/59d132f82569282f0cf2a10d80ce468f644c9871
Author: Daria Phoebe Brashear <dariaphoebe at auristor.com>
Date: 2020-03-06 (Fri, 06 Mar 2020)
Changed paths:
M lib/hdb/ndbm.c
Log Message:
-----------
hdb: don't use lock_file name after free in open_lock_file
Commit: c295233648eadf899edd01681b8f6e9827986cf4
https://github.com/heimdal/heimdal/commit/c295233648eadf899edd01681b8f6e9827986cf4
Author: Daria Phoebe Brashear <dariaphoebe at auristor.com>
Date: 2020-03-06 (Fri, 06 Mar 2020)
Changed paths:
M lib/base/log.c
Log Message:
-----------
lib/base log_file should free filename in all cases
once we've used the filename we built, free it before exit
Commit: bcb5ed28fbe25d3b207d17ddd2f420f938a4ef03
https://github.com/heimdal/heimdal/commit/bcb5ed28fbe25d3b207d17ddd2f420f938a4ef03
Author: Daria Phoebe Brashear <dariaphoebe at auristor.com>
Date: 2020-03-06 (Fri, 06 Mar 2020)
Changed paths:
M kdc/kx509.c
Log Message:
-----------
kdc/kx509.c: clean up krb5_get_error_message strings used for mk_error_resp
mk_error_response expects the strings it builds will need to be freed but
not those passed in; krb5_get_error_message generates a string which needs to
be freed. keep track of and free those strings.
Compare: https://github.com/heimdal/heimdal/compare/c6b891556edb...bcb5ed28fbe2
More information about the Heimdal-source-changes
mailing list