Received: by 2002:a25:4158:0:0:0:0:0 with SMTP id o85csp5023717yba; Wed, 8 May 2019 06:48:01 -0700 (PDT) X-Google-Smtp-Source: APXvYqwfhuG+bUGFI7QFbc4qCPrhH0UfYSAV4UZUTkSA/obDrhLpOhdVGvR8H8VkzRM1wzUfmnP8 X-Received: by 2002:a63:ea42:: with SMTP id l2mr29405753pgk.19.1557323281020; Wed, 08 May 2019 06:48:01 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1557323281; cv=none; d=google.com; s=arc-20160816; b=hYHTaHP4J/nrY+FGXPxb1roEfsa1BNvAzM5FQx+cfTm4Poaio7oHU6Ur1JAE0gPmy1 6nmKJ3n2J2ZBL0tbBXaKVc/rXyRqQNhX3ut4p9Z0gVN34leQzsmAX0K6HYDF7GDKoYYz KNiqx6mlP7WzyrV43k6GP0mhh5d5bjVngMYhMfs7rkP6eEgflxR4bbBBQ56i5vVLVt3a CyutLxzs/6dv3vUG0JPznCn4NIuLUjbqieSsSVoLty4ZkzO/A/MdgVJlsZ56OPoGdCmu bB0uC68OMcWF53kUfAkmfQLbocurETxAw2UYRzBH+hqm9L+Ll9dIdK5vH4kVKeYxSwo4 CcJw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:to:from; bh=Sc9/2VeErT7TJh1LyeeNKLOr6FmoXJ00bdELeJITh/Q=; b=NPD9zXSOtmpK45rhS2rbXWZf2v6iRJLdtSzgNhcX/cFfNKdOwrcoyqKKna7yhm2tYU aVJ6n75T4zMfQ5PGG7m+CY1kayuMxTRPbA258x5lkIvBHiaNfgw02Oi7LI/ncuubrl+Z 1aqbgi6LcP0qh8GarIjQ5hOpofBUVsA50s6vcaLvfp3vWIDxMobR8Qu/25TSIceN3tEU bVSo67DzUaYDG2dRFS7CpNlpr+E/tgbZAp9bDRTyG0Lr9gf8WxTwYSPH0krjZPqBwH6S quHvkJcPWfx+7OlQMYwGH6BSerefjCtFivvq+nqONbbJADPm+HUSjS3200s0dU3pG2Ss uJmg== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-nfs-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-nfs-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=redhat.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id 1si24344132pls.222.2019.05.08.06.47.47; Wed, 08 May 2019 06:48:01 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-nfs-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-nfs-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-nfs-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=redhat.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727316AbfEHNfr (ORCPT + 99 others); Wed, 8 May 2019 09:35:47 -0400 Received: from mx1.redhat.com ([209.132.183.28]:31589 "EHLO mx1.redhat.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1727271AbfEHNfr (ORCPT ); Wed, 8 May 2019 09:35:47 -0400 Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.phx2.redhat.com [10.5.11.16]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id E6F05305B886 for ; Wed, 8 May 2019 13:35:46 +0000 (UTC) Received: from madhat.boston.devel.redhat.com (ovpn-116-59.phx2.redhat.com [10.3.116.59]) by smtp.corp.redhat.com (Postfix) with ESMTP id A0A585C269 for ; Wed, 8 May 2019 13:35:46 +0000 (UTC) From: Steve Dickson To: Linux NFS Mailing list Subject: [PATCH 13/19] Removed resource leaks from gssd/krb5_util.c Date: Wed, 8 May 2019 09:35:30 -0400 Message-Id: <20190508133536.6077-14-steved@redhat.com> In-Reply-To: <20190508133536.6077-1-steved@redhat.com> References: <20190508133536.6077-1-steved@redhat.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Scanned-By: MIMEDefang 2.79 on 10.5.11.16 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.41]); Wed, 08 May 2019 13:35:46 +0000 (UTC) Sender: linux-nfs-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-nfs@vger.kernel.org gssd/krb5_util.c:696: overwrite_var: Overwriting "k5err" in "k5err = gssd_k5_err_msg(context, code)" leaks the storage that "k5err" points to. gssd/krb5_util.c:737: overwrite_var: Overwriting "k5err" in "k5err = gssd_k5_err_msg(context, code)" leaks the storage that "k5err" points to. gssd/krb5_util.c:899: overwrite_var: Overwriting "k5err" in "k5err = gssd_k5_err_msg(context, code)" leaks the storage that "k5err" points to. krb5_util.c:1173: leaked_storage: Variable "l" going out of scope leaks the storage it points to. Signed-off-by: Steve Dickson --- utils/gssd/krb5_util.c | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/utils/gssd/krb5_util.c b/utils/gssd/krb5_util.c index 6daba44..454a6eb 100644 --- a/utils/gssd/krb5_util.c +++ b/utils/gssd/krb5_util.c @@ -699,6 +699,8 @@ gssd_search_krb5_keytab(krb5_context context, krb5_keytab kt, "we failed to unparse principal name: %s\n", k5err); k5_free_kt_entry(context, kte); + free(k5err); + k5err = NULL; continue; } printerr(4, "Processing keytab entry for principal '%s'\n", @@ -900,6 +902,8 @@ find_keytab_entry(krb5_context context, krb5_keytab kt, k5err = gssd_k5_err_msg(context, code); printerr(1, "%s while building principal for '%s'\n", k5err, spn); + free(k5err); + k5err = NULL; continue; } code = krb5_kt_get_entry(context, kt, princ, 0, 0, kte); @@ -1169,7 +1173,8 @@ gssd_get_krb5_machine_cred_list(char ***list) *list = l; retval = 0; goto out; - } + } else + free((void *)l); out: return retval; } @@ -1217,6 +1222,8 @@ gssd_destroy_krb5_machine_creds(void) printerr(0, "WARNING: %s while resolving credential " "cache '%s' for destruction\n", k5err, ple->ccname); + free(k5err); + k5err = NULL; continue; } -- 2.20.1