#1409 Resource leak in sssdpac_import_authdata
Closed: Fixed None Opened 7 years ago by sgallagh.

98
CID 12799: Resource leak (RESOURCE_LEAK)Calling allocation function "sss_pac_make_request" on "repbuf". [show details]
 99    ret = sss_pac_make_request(SSS_PAC_ADD_PAC_USER, &sss_data,
100                               &repbuf, &replen, &errnop);
At conditional (1): "ret != 0" taking the true branch.
101    if (ret != 0) {
102        /* Ignore the error */
103    }
104
At conditional (2): "authdata[0]->length > 0U" taking the true branch.
105    if (authdata[0]->length > 0) {
106        data = malloc(sizeof(char) * authdata[0]->length);
At conditional (3): "data == NULL" taking the false branch.
107        if (data == NULL) {
108            return ENOMEM;
109        }
110        memcpy(data, authdata[0]->contents, authdata[0]->length);
111    }
112
At conditional (4): "sssdctx->data.data != NULL" taking the true branch.
113    if (sssdctx->data.data != NULL) {
114        krb5_free_data_contents(kcontext, &sssdctx->data);
115    }
116
117    sssdctx->data.length = authdata[0]->length;
118    sssdctx->data.data = data;
Variable "repbuf" going out of scope leaks the storage it points to.
119    return 0;
120}

Fields changed

patch: 0 => 1
rhbz: => 0

Fixed by 8d04d44

component: SSSD => PAC Responder
milestone: NEEDS_TRIAGE => SSSD 1.9.0 beta 4
resolution: => fixed
status: new => closed

Metadata Update from @sgallagh:
- Issue assigned to sbose
- Issue set to the milestone: SSSD 1.9.0 beta 4

2 years ago

Login to comment on this ticket.

Metadata