[Freeipa-devel] [PATCH] 0017 Fix various memory leaks in Kerberos helper code
Adam Tkac
atkac at redhat.com
Mon Apr 16 12:25:24 UTC 2012
On Mon, Apr 16, 2012 at 02:13:06PM +0200, Petr Spacek wrote:
> Hello,
>
> this patch fixes several memory leaks in Kerberos integration code.
> Fix was tested with Valgrind.
>
> There is another memory leak in persistent search code, it will be
> fixed by separate patch.
Ack, please push it to master.
A
> From 2b95bc00554f19f8949fb4690d802828ccf17023 Mon Sep 17 00:00:00 2001
> From: Petr Spacek <pspacek at redhat.com>
> Date: Mon, 16 Apr 2012 14:07:20 +0200
> Subject: [PATCH] Fix various memory leaks in Kerberos helper code.
> Signed-off-by: Petr Spacek <pspacek at redhat.com>
>
> ---
> src/krb5_helper.c | 16 ++++++++++++----
> 1 files changed, 12 insertions(+), 4 deletions(-)
>
> diff --git a/src/krb5_helper.c b/src/krb5_helper.c
> index 571f511..ffa6938 100644
> --- a/src/krb5_helper.c
> +++ b/src/krb5_helper.c
> @@ -31,8 +31,9 @@
> #define CHECK_KRB5(ctx, err, msg, ...) \
> do { \
> if (err) { \
> - log_error(msg " (%s)", ##__VA_ARGS__, \
> - krb5_get_error_message(ctx, err)); \
> + const char * errmsg = krb5_get_error_message(ctx, err); \
> + log_error(msg " (%s)", ##__VA_ARGS__, errmsg); \
> + krb5_free_error_message(ctx, errmsg); \
> result = ISC_R_FAILURE; \
> goto cleanup; \
> } \
> @@ -66,8 +67,10 @@ check_credentials(krb5_context context,
>
> krberr = krb5_cc_retrieve_cred(context, ccache, 0, &mcreds, &creds);
> if (krberr) {
> + const char * errmsg = krb5_get_error_message(context, krberr);
> log_debug(2, "Principal not found in cred cache (%s)",
> - krb5_get_error_message(context, krberr));
> + errmsg);
> + krb5_free_error_message(context, errmsg);
> result = ISC_R_FAILURE;
> goto cleanup;
> }
> @@ -97,8 +100,9 @@ get_krb5_tgt(isc_mem_t *mctx, const char *principal, const char *keyfile)
> krb5_context context = NULL;
> krb5_keytab keytab = NULL;
> krb5_ccache ccache = NULL;
> - krb5_principal kprincpw;
> + krb5_principal kprincpw = NULL;
> krb5_creds my_creds;
> + krb5_creds * my_creds_ptr = NULL;
> krb5_get_init_creds_opt options;
> krb5_error_code krberr;
> isc_result_t result;
> @@ -167,6 +171,7 @@ get_krb5_tgt(isc_mem_t *mctx, const char *principal, const char *keyfile)
> krberr = krb5_get_init_creds_keytab(context, &my_creds, kprincpw,
> keytab, 0, NULL, &options);
> CHECK_KRB5(context, krberr, "Failed to init credentials");
> + my_creds_ptr = &my_creds;
>
> /* store credentials in cache */
> krberr = krb5_cc_initialize(context, ccache, kprincpw);
> @@ -179,7 +184,10 @@ get_krb5_tgt(isc_mem_t *mctx, const char *principal, const char *keyfile)
>
> cleanup:
> if (ccname) str_destroy(&ccname);
> + if (ccache) krb5_cc_close(context, ccache);
> if (keytab) krb5_kt_close(context, keytab);
> + if (kprincpw) krb5_free_principal(context, kprincpw);
> + if (my_creds_ptr) krb5_free_cred_contents(context, my_creds_ptr);
> if (context) krb5_free_context(context);
> return result;
> }
> --
> 1.7.7.6
>
--
Adam Tkac, Red Hat, Inc.
More information about the Freeipa-devel
mailing list