]> eyrie.org Git - kerberos/pam-krb5.git/commit
projects / kerberos / pam-krb5.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: ad9e3fe) | patch
Avoid double free of ctx->princ in a failure case
authorRuss Allbery <rra@debian.org>
Sat, 30 Jan 2021 19:55:44 +0000 (11:55 -0800)
committerRuss Allbery <rra@debian.org>
Sat, 30 Jan 2021 19:56:36 +0000 (11:56 -0800)
commit5ca4e52fd175cfb13f5dc9c17c18cc8485e4aa33
tree8a6e332db7bd26af3fa5b33575a0cc1a242e97e1tree | snapshot
parentad9e3fe86fe14537072fe1f3cf5c3564e27a90c1commit | diff
Avoid double free of ctx->princ in a failure case

When re-retrieving the authenticated principal from the current cache,
ensure the stored principal in the authentication context is always
either valid or NULL.  Otherwise, a failure of krb5_cc_get_principal
could result in a double free.  Thanks to Michael Muehle for the
report.

Fixes #20
NEWS diff | blob | history
module/account.c diff | blob | history
Kerberos PAM module