There is a number of places in the ipa-kpasswd SLAPI plugin where we allocate an error string called result_string but may overwrite it later. Many of these blocks are quite similar, so maybe it would make sense to wrap them in some kind of macro.
First one:
924 krberr = krb5_mk_priv(context, auth_context, &kdec, &kenc, &replay); 925 if (krberr) { 926 result_string = strdup("Failed to encrypt reply message"); Can be overwritten at: 952 krberr = krb5_mk_error(context, &krb5err, &kenc); 953 if (krberr) { 954 result_string = strdup("Failed to build error message"); or at: 942 krberr = krb5_timeofday(context, &krb5err.stime); 943 if (krberr) { 944 result_string = strdup("Failed to set time of day");
Another one:
844 if (!(ticket->enc_part2->flags & TKT_FLG_INITIAL)) { 845 result_string = strdup("Ticket must be derived from a password"); 846 result_err = KRB5_KPASSWD_AUTHERROR; Can be overwritten at: 924 krberr = krb5_mk_priv(context, auth_context, &kdec, &kenc, &replay); 925 if (krberr) { 926 result_string = strdup("Failed to encrypt reply message"); or at: 916 krberr = krb5_auth_con_setaddrs(context, auth_context, &lkaddr, NULL); 917 if (krberr) { 918 result_string = strdup("Failed to set local address");
master: 8173b8e
Correct master for this bug is: 63e70d0 (confused with the second memory leak fix)
Metadata Update from @jhrozek: - Issue assigned to mkosek - Issue set to the milestone: FreeIPA 2.0 - 2011/01 (cleanup)
Login to comment on this ticket.