diff options
author | Isaac Boukris <iboukris@gmail.com> | 2017-07-22 02:00:46 +0300 |
---|---|---|
committer | Marcel Raad <Marcel.Raad@teamviewer.com> | 2017-08-05 00:23:24 +0200 |
commit | 0b11660234c4f9bbea7308402ad739dc3f153b08 (patch) | |
tree | 573c28032c9784b8691bdd8d170dafe659a6f920 /lib | |
parent | 61046e7bd59fc5f2ab2e7b1f0b89e2b5a90ae8c7 (diff) |
gssapi: fix memory leak of output token in multi round context
When multiple rounds are needed to establish a security context
(usually ntlm), we overwrite old token with a new one without free.
Found by proposed gss tests using stub a gss implementation (by
valgrind error), though I have confirmed the leak with a real
gssapi implementation as well.
Closes https://github.com/curl/curl/pull/1733
Diffstat (limited to 'lib')
-rw-r--r-- | lib/vauth/spnego_gssapi.c | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/lib/vauth/spnego_gssapi.c b/lib/vauth/spnego_gssapi.c index 8840db8fd..5196c2704 100644 --- a/lib/vauth/spnego_gssapi.c +++ b/lib/vauth/spnego_gssapi.c @@ -180,6 +180,10 @@ CURLcode Curl_auth_decode_spnego_message(struct Curl_easy *data, return CURLE_OUT_OF_MEMORY; } + /* Free previous token */ + if(nego->output_token.length && nego->output_token.value) + gss_release_buffer(&unused_status, &nego->output_token); + nego->output_token = output_token; return CURLE_OK; |