From 33a8868f5d61bfb49bed584d9bb4badf34b11bb7 Mon Sep 17 00:00:00 2001
From: Will Fiveash <Will.Fiveash@Sun.COM>
Date: Fri, 26 Feb 2010 15:06:26 -0600
Subject: 6889700 __krb5_get_init_creds_password leaks krb5_gic_opt_ext *opte

---
 usr/src/lib/gss_mechs/mech_krb5/krb5/krb/gic_pwd.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

(limited to 'usr/src/lib')

diff --git a/usr/src/lib/gss_mechs/mech_krb5/krb5/krb/gic_pwd.c b/usr/src/lib/gss_mechs/mech_krb5/krb5/krb/gic_pwd.c
index 1deca3028e..43416a36c0 100644
--- a/usr/src/lib/gss_mechs/mech_krb5/krb5/krb/gic_pwd.c
+++ b/usr/src/lib/gss_mechs/mech_krb5/krb5/krb/gic_pwd.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 2008 Sun Microsystems, Inc.  All rights reserved.
+ * Copyright 2010 Sun Microsystems, Inc.  All rights reserved.
  * Use is subject to license terms.
  */
 
@@ -169,7 +169,6 @@ __krb5_get_init_creds_password(
    krb5_kdc_rep *as_reply;
    int tries;
    krb5_creds chpw_creds;
-   krb5_get_init_creds_opt *chpw_opts = NULL;
    krb5_data pw0, pw1;
    char banner[1024], pw0array[1024], pw1array[1024];
    krb5_prompt prompt[2];
@@ -487,6 +486,8 @@ cleanup:
 
    free(cpw_service);
    free(princ_str);
+   if (opte && krb5_gic_opt_is_shadowed(opte))
+      krb5_get_init_creds_opt_free(context, (krb5_get_init_creds_opt *)opte);
    memset(pw0array, 0, sizeof(pw0array));
    memset(pw1array, 0, sizeof(pw1array));
    krb5_free_cred_contents(context, &chpw_creds);
-- 
cgit v1.2.3