query_krb5_ccache: if the ret_realm strdup fails then ret_princname leaks
gssd_get_krb5_machine_cred_list: l was being leaked if the realloc failed
it was also leaked if the strdup of ccname failed
Signed-off-by: Alice Mitchell <ajmitchell@xxxxxxxxxx>
---
utils/gssd/krb5_util.c | 14 ++++++++++++--
1 file changed, 12 insertions(+), 2 deletions(-)
diff --git a/utils/gssd/krb5_util.c b/utils/gssd/krb5_util.c
index c5f1152..6d059f3 100644
--- a/utils/gssd/krb5_util.c
+++ b/utils/gssd/krb5_util.c
@@ -1129,6 +1129,12 @@ query_krb5_ccache(const char* cred_cache, char **ret_princname,
*str = '\0';
*ret_princname = strdup(princstring);
*ret_realm = strdup(str+1);
+ if (!*ret_princname || !*ret_realm) {
+ free(*ret_princname);
+ free(*ret_realm);
+ *ret_princname = NULL;
+ *ret_realm = NULL;
+ }
}
k5_free_unparsed_name(context, princstring);
}
@@ -1350,15 +1356,19 @@ gssd_get_krb5_machine_cred_list(char ***list)
if (retval)
continue;
if (i + 1 > listsize) {
+ char **tmplist;
listsize += listinc;
- l = (char **)
+ tmplist = (char **)
realloc(l, listsize * sizeof(char *));
- if (l == NULL) {
+ if (tmplist == NULL) {
+ gssd_free_krb5_machine_cred_list(l);
retval = ENOMEM;
goto out_lock;
}
+ l = tmplist;
}
if ((l[i++] = strdup(ple->ccname)) == NULL) {
+ gssd_free_krb5_machine_cred_list(l);
retval = ENOMEM;
goto out_lock;
}
--
2.27.0
