From 2100e7622fa9606d99aca5f5103a4e9ee28b9ab4 Mon Sep 17 00:00:00 2001
From: Alexander Scheel <ascheel@redhat.com>
Date: Jul 06 2017 19:52:48 +0000
Subject: Fix memory leaks


Signed-off-by: Alexander Scheel <ascheel@redhat.com>

---

diff --git a/proxy/src/gp_config.c b/proxy/src/gp_config.c
index 21bf80e..8ea49d2 100644
--- a/proxy/src/gp_config.c
+++ b/proxy/src/gp_config.c
@@ -75,6 +75,8 @@ static void gp_service_free(struct gp_service *svc)
         free_cred_store_elements(&svc->krb5.store);
         gp_free_creds_handle(&svc->krb5.creds_handle);
     }
+    free(svc->socket);
+    free(svc->program);
     SELINUX_context_free(svc->selinux_ctx);
     memset(svc, 0, sizeof(struct gp_service));
 }
diff --git a/proxy/src/gp_creds.c b/proxy/src/gp_creds.c
index 8d2e449..04c84f3 100644
--- a/proxy/src/gp_creds.c
+++ b/proxy/src/gp_creds.c
@@ -1046,6 +1046,8 @@ uint32_t gp_count_tickets(uint32_t *min, gss_cred_id_t cred, uint32_t *ccsum)
             goto done;
         }
 
+        krb5_free_cred_contents(context, &creds);
+
         /* TODO: Should we do a real checksum over all creds->ticket data and
          * flags in future ? */
         (*ccsum)++;
diff --git a/proxy/src/gp_export.c b/proxy/src/gp_export.c
index 4e081df..ab08bb7 100644
--- a/proxy/src/gp_export.c
+++ b/proxy/src/gp_export.c
@@ -47,7 +47,7 @@ uint32_t gp_init_creds_with_keytab(uint32_t *min, const char *svc_name,
     krb5_keytab ktid = NULL;
     krb5_kt_cursor cursor;
     krb5_keytab_entry entry;
-    krb5_enctype *permitted;
+    krb5_enctype *permitted = NULL;
     uint32_t ret_maj = 0;
     uint32_t ret_min = 0;
     int ret;
@@ -127,6 +127,7 @@ uint32_t gp_init_creds_with_keytab(uint32_t *min, const char *svc_name,
     ret_maj = GSS_S_COMPLETE;
 
 done:
+    krb5_free_enctypes(handle->context, permitted);
     if (ktid) {
         (void)krb5_kt_close(handle->context, ktid);
     }
diff --git a/proxy/src/gp_rpc_acquire_cred.c b/proxy/src/gp_rpc_acquire_cred.c
index fcb4fbe..7ddb427 100644
--- a/proxy/src/gp_rpc_acquire_cred.c
+++ b/proxy/src/gp_rpc_acquire_cred.c
@@ -130,17 +130,18 @@ int gp_acquire_cred(struct gp_call_ctx *gpcall,
         }
     }
 
-    acr->output_cred_handle = calloc(1, sizeof(gssx_cred));
-    if (!acr->output_cred_handle) {
-        ret_maj = GSS_S_FAILURE;
-        ret_min = ENOMEM;
-        goto done;
-    }
 
     if (out_cred == in_cred) {
         acr->output_cred_handle = aca->input_cred_handle;
         aca->input_cred_handle = NULL;
     } else {
+        acr->output_cred_handle = calloc(1, sizeof(gssx_cred));
+        if (!acr->output_cred_handle) {
+            ret_maj = GSS_S_FAILURE;
+            ret_min = ENOMEM;
+            goto done;
+        }
+
         ret_maj = gp_export_gssx_cred(&ret_min, gpcall,
                                       &out_cred, acr->output_cred_handle);
         if (ret_maj) {
@@ -154,6 +155,10 @@ done:
 
     GPRPCDEBUG(gssx_res_acquire_cred, acr);
 
+    if (add_out_cred != &in_cred && add_out_cred != &out_cred)
+        gss_release_cred(&ret_min, add_out_cred);
+    if (in_cred != out_cred)
+        gss_release_cred(&ret_min, &in_cred);
     gss_release_cred(&ret_min, &out_cred);
     gss_release_oid_set(&ret_min, &use_mechs);
     gss_release_oid_set(&ret_min, &desired_mechs);
diff --git a/proxy/src/gssproxy.c b/proxy/src/gssproxy.c
index 3cdc220..df26723 100644
--- a/proxy/src/gssproxy.c
+++ b/proxy/src/gssproxy.c
@@ -160,7 +160,7 @@ int main(int argc, const char *argv[])
     verto_ctx *vctx;
     verto_ev *ev;
     int wait_fd;
-    int ret;
+    int ret = -1;
 
     /* initialize debug client id to 0 in the main thread */
     /* we do this early, before any code starts using debug statements */
@@ -194,13 +194,17 @@ int main(int argc, const char *argv[])
             fprintf(stderr, "\nInvalid option %s: %s\n\n",
                     poptBadOption(pc, 0), poptStrerror(opt));
             poptPrintUsage(pc, stderr, 0);
-            return 1;
+            
+            ret = 1;
+            goto cleanup;
         }
     }
 
     if (opt_version) {
         puts(VERSION""DISTRO_VERSION""PRERELEASE_VERSION);
-        return 0;
+        poptFreeContext(pc);
+        ret = 0;
+        goto cleanup;
     }
 
     if (opt_debug || opt_debug_level > 0) {
@@ -211,7 +215,8 @@ int main(int argc, const char *argv[])
     if (opt_daemon && opt_interactive) {
         fprintf(stderr, "Option -i|--interactive is not allowed together with -D|--daemon\n");
         poptPrintUsage(pc, stderr, 0);
-        return 1;
+        ret = 0;
+        goto cleanup;
     }
 
     if (opt_interactive) {
@@ -225,7 +230,8 @@ int main(int argc, const char *argv[])
                                 opt_config_socket,
                                 opt_daemon);
     if (!gpctx->config) {
-        exit(EXIT_FAILURE);
+        ret = EXIT_FAILURE;
+        goto cleanup;
     }
 
     init_server(gpctx->config->daemonize, &wait_fd);
@@ -236,7 +242,8 @@ int main(int argc, const char *argv[])
     if (!vctx) {
         fprintf(stderr, "Failed to initialize event loop. "
                         "Is there at least one libverto backend installed?\n");
-        return 1;
+        ret = 1;
+        goto cleanup;
     }
     gpctx->vctx = vctx;
 
@@ -244,12 +251,13 @@ int main(int argc, const char *argv[])
     ev = verto_add_signal(vctx, VERTO_EV_FLAG_PERSIST, hup_handler, SIGHUP);
     if (!ev) {
         fprintf(stderr, "Failed to register SIGHUP handler with verto!\n");
-        return 1;
+        ret = 1;
+        goto cleanup;
     }
 
     ret = init_sockets(vctx, NULL);
     if (ret != 0) {
-        return ret;
+        goto cleanup;
     }
 
     /* We need to tell nfsd that GSS-Proxy is available before it starts,
@@ -263,12 +271,14 @@ int main(int argc, const char *argv[])
 
     ret = drop_privs(gpctx->config);
     if (ret) {
-        exit(EXIT_FAILURE);
+        ret = EXIT_FAILURE;
+        goto cleanup;
     }
 
     ret = gp_workers_init(gpctx);
     if (ret) {
-        exit(EXIT_FAILURE);
+        ret = EXIT_FAILURE;
+        goto cleanup;
     }
 
     verto_run(vctx);
@@ -278,9 +288,17 @@ int main(int argc, const char *argv[])
 
     fini_server();
 
-    poptFreeContext(pc);
 
     free_config(&gpctx->config);
+    free(gpctx);
 
-    return 0;
+    ret = 0;
+
+cleanup:
+    poptFreeContext(pc);
+    free(opt_config_file);
+    free(opt_config_dir);
+    free(opt_config_socket);
+
+    return ret;
 }
diff --git a/proxy/src/mechglue/gpp_context.c b/proxy/src/mechglue/gpp_context.c
index 2f41e4f..69e69e0 100644
--- a/proxy/src/mechglue/gpp_context.c
+++ b/proxy/src/mechglue/gpp_context.c
@@ -362,6 +362,8 @@ OM_uint32 gssi_delete_sec_context(OM_uint32 *minor_status,
         }
     }
 
+    free(ctx);
+
     return rmaj;
 }
 
diff --git a/proxy/tests/t_acquire.c b/proxy/tests/t_acquire.c
index 2bb7706..5334565 100644
--- a/proxy/tests/t_acquire.c
+++ b/proxy/tests/t_acquire.c
@@ -132,5 +132,8 @@ done:
     gss_release_buffer(&ret_min, &in_token);
     gss_release_buffer(&ret_min, &out_token);
     gss_release_cred(&ret_min, &cred_handle);
+    gss_release_name(&ret_min, &target_name);
+    gss_delete_sec_context(&ret_min, &init_ctx, GSS_C_NO_BUFFER);
+    gss_delete_sec_context(&ret_min, &accept_ctx, GSS_C_NO_BUFFER);
     return ret;
 }