kerby
kerby copied to clipboard
authenticate_gss_server_step: fix memory leaks
In authenticate_gss_server_step
there are two memory leaks:
-
target_name
gets malloc'd bygss_inquire_context
, but never gets free'd bygss_release_name
. Seetarg_name
here. -
output_token
gets malloc'd ingss_display_name
on line 379, but isn't free'd bygss_release_buffer
before reuse on line 403. Seeoutput_name_buffer
here.
I ran some tests internally using valgrind
to verify. Here was the output:
Before:
==1014051== LEAK SUMMARY:
==1014051== definitely lost: 61,000 bytes in 2,000 blocks
==1014051== indirectly lost: 288,932 bytes in 9,997 blocks
==1014051== possibly lost: 5,168 bytes in 17 blocks
==1014051== still reachable: 3,929 bytes in 32 blocks
==1014051== suppressed: 0 bytes in 0 blocks
After:
==1105036== LEAK SUMMARY:
==1105036== definitely lost: 0 bytes in 0 blocks
==1105036== indirectly lost: 0 bytes in 0 blocks
==1105036== possibly lost: 4,256 bytes in 14 blocks
==1105036== still reachable: 3,861 bytes in 29 blocks
==1105036== suppressed: 0 bytes in 0 blocks
I also made a minor update to propagate the output token if gss_accept_sec_context
errors.