diff options
| author | neilbrown <neilbrown> | 2006-04-09 23:50:42 +0000 |
|---|---|---|
| committer | neilbrown <neilbrown> | 2006-04-09 23:50:42 +0000 |
| commit | cddf69516911d84fcbcbe3cdc225b5e56cd7e012 (patch) | |
| tree | 501bbc3b6f8ee795d7946e8ef80b1c31bc2b7293 | |
| parent | 802e3cfc690a5b1f7d5d7ecd102dd44297b21160 (diff) | |
| download | nfs-utils-cddf69516911d84fcbcbe3cdc225b5e56cd7e012.tar.gz | |
2006-04-10 kwc@citi.umich.edu
Plug memory leaks in svcgssd
Various memory leaks in the svcgssd context processing are eliminated.
| -rw-r--r-- | ChangeLog | 5 | ||||
| -rw-r--r-- | utils/gssd/svcgssd_proc.c | 13 |
2 files changed, 18 insertions, 0 deletions
@@ -1,4 +1,9 @@ 2006-04-10 kwc@citi.umich.edu + Plug memory leaks in svcgssd + + Various memory leaks in the svcgssd context processing are eliminated. + +2006-04-10 kwc@citi.umich.edu Fix memory leak of the AUTH structure on context negotiations Free AUTH structure after completing context negotiation and sending diff --git a/utils/gssd/svcgssd_proc.c b/utils/gssd/svcgssd_proc.c index ad45753..14b7f17 100644 --- a/utils/gssd/svcgssd_proc.c +++ b/utils/gssd/svcgssd_proc.c @@ -203,10 +203,12 @@ get_ids(gss_name_t client_name, gss_OID mech, struct svc_cred *cred) if (!(sname = calloc(name.length + 1, 1))) { printerr(0, "WARNING: get_ids: error allocating %d bytes " "for sname\n", name.length + 1); + gss_release_buffer(&min_stat, &name); goto out; } memcpy(sname, name.value, name.length); printerr(1, "sname = %s\n", sname); + gss_release_buffer(&min_stat, &name); res = -EINVAL; if ((secname = mech2file(mech)) == NULL) { @@ -281,6 +283,7 @@ handle_nullreq(FILE *f) { in_handle = {.value = in_handle_buf}, out_handle = {.value = out_handle_buf}, ctx_token = {.value = NULL}, + ignore_out_tok = {.value = NULL}, /* XXX isn't there a define for this?: */ null_token = {.value = NULL}; u_int32_t ret_flags; @@ -288,6 +291,7 @@ handle_nullreq(FILE *f) { gss_name_t client_name; gss_OID mech = GSS_C_NO_OID; u_int32_t maj_stat = GSS_S_FAILURE, min_stat = 0; + u_int32_t ignore_min_stat; struct svc_cred cred; static char *lbuf = NULL; static int lbuflen = 0; @@ -352,8 +356,10 @@ handle_nullreq(FILE *f) { if (get_ids(client_name, mech, &cred)) { /* get_ids() prints error msg */ maj_stat = GSS_S_BAD_NAME; /* XXX ? */ + gss_release_name(&ignore_min_stat, &client_name); goto out_err; } + gss_release_name(&ignore_min_stat, &client_name); /* Context complete. Pass handle_seq in out_handle to use @@ -370,6 +376,9 @@ handle_nullreq(FILE *f) { maj_stat = GSS_S_FAILURE; goto out_err; } + /* We no longer need the gss context */ + gss_delete_sec_context(&ignore_min_stat, &ctx, &ignore_out_tok); + do_svc_downcall(&out_handle, &cred, mech, &ctx_token); continue_needed: send_response(f, &in_handle, &in_tok, maj_stat, min_stat, @@ -377,10 +386,14 @@ continue_needed: out: if (ctx_token.value != NULL) free(ctx_token.value); + if (out_tok.value != NULL) + gss_release_buffer(&ignore_min_stat, &out_tok); printerr(1, "finished handling null request\n"); return; out_err: + if (ctx != GSS_C_NO_CONTEXT) + gss_delete_sec_context(&ignore_min_stat, &ctx, &ignore_out_tok); send_response(f, &in_handle, &in_tok, maj_stat, min_stat, &null_token, &null_token); goto out; |