IntenseWebs/freeipa
3
0
Fork 0
mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2025-02-25 18:55:28 -06:00
Code Issues Packages Projects Releases Wiki Activity

Fix kdec.length or we may try to double free() or free() uninitiualized data.

Browse Source
This commit is contained in:
Simo Sorce 2007-12-07 18:09:49 -05:00
parent 0b51e32699
commit 647063253e
1 changed files with 4 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
ipa-server/ipa-kpasswd/ipa_kpasswd.c
View File

@ -664,6 +664,8 @@ void handle_krb_packets(uint8_t *buf, ssize_t buflen,
auth_context = NULL;
krep.length = 0;
krep.data = NULL;
kdec.length = 0;
kdec.data = NULL;
kprincpw = NULL;
context = NULL;
ticket = NULL;
@ -859,6 +861,7 @@ void handle_krb_packets(uint8_t *buf, ssize_t buflen,
/* make sure password is cleared off before we free the memory */
memset(kdec.data, 0, kdec.length);
free(kdec.data);
kdec.length = 0;
kpreply:
@ -867,6 +870,7 @@ kpreply:
kdec.data = malloc(kdec.length);
if (!kdec.data) {
syslog(LOG_ERR, "Out of memory!");
kdec.length = 0;
goto done;
}