dovecot-2.0: GSSAPI: Fixed memory leak on error conditions.

[dovecot at dovecot.org]

details:   http://hg.dovecot.org/dovecot-2.0/rev/8c370896b657
changeset: 9641:8c370896b657
user:      Timo Sirainen <tss at iki.fi>
date:      Fri Jul 17 18:57:48 2009 -0400
description:
GSSAPI: Fixed memory leak on error conditions.

diffstat:

1 file changed, 18 insertions(+), 13 deletions(-)
src/auth/mech-gssapi.c |   31 ++++++++++++++++++-------------

diffs (67 lines):

diff -r ac52d79b7b94 -r 8c370896b657 src/auth/mech-gssapi.c
--- a/src/auth/mech-gssapi.c	Fri Jul 17 17:13:51 2009 -0400
+++ b/src/auth/mech-gssapi.c	Fri Jul 17 18:57:48 2009 -0400
@@ -235,9 +235,10 @@ mech_gssapi_sec_context(struct gssapi_au
 {
 	struct auth_request *auth_request = &request->auth_request;
 	OM_uint32 major_status, minor_status;
-	gss_buffer_desc outbuf;
+	gss_buffer_desc output_token;
 	gss_OID name_type;
 	const char *username, *error;
+	int ret = 0;
 
 	major_status = gss_accept_sec_context (
 		&minor_status,
@@ -247,7 +248,7 @@ mech_gssapi_sec_context(struct gssapi_au
 		GSS_C_NO_CHANNEL_BINDINGS,
 		&request->authn_name, 
 		NULL, /* mech_type */
-		&outbuf,
+		&output_token,
 		NULL, /* ret_flags */
 		NULL, /* time_rec */
 		NULL  /* delegated_cred_handle */
@@ -267,16 +268,17 @@ mech_gssapi_sec_context(struct gssapi_au
 	case GSS_S_COMPLETE:
 		if (!get_display_name(auth_request, request->authn_name,
 				      &name_type, &username) < 0)
-			return -1;
-		if (!auth_request_set_username(auth_request, username,
-					       &error)) {
+			ret = -1;
+		else if (!auth_request_set_username(auth_request, username,
+						    &error)) {
 			auth_request_log_info(auth_request, "gssapi",
 					      "authn_name: %s", error);
-			return -1;
+			ret = -1;
+		} else {
+			request->sasl_gssapi_state = GSS_STATE_WRAP;
+			auth_request_log_debug(auth_request, "gssapi",
+				"security context state completed.");
 		}
-		request->sasl_gssapi_state = GSS_STATE_WRAP;
-		auth_request_log_debug(auth_request, "gssapi",
-				       "security context state completed.");
 		break;
 	case GSS_S_CONTINUE_NEEDED:
 		auth_request_log_debug(auth_request, "gssapi",
@@ -289,10 +291,13 @@ mech_gssapi_sec_context(struct gssapi_au
 		break;
 	}
 
-	auth_request->callback(auth_request, AUTH_CLIENT_RESULT_CONTINUE,
-			       outbuf.value, outbuf.length);
-	(void)gss_release_buffer(&minor_status, &outbuf);
-	return 0;
+	if (ret == 0) {
+		auth_request->callback(auth_request,
+				       AUTH_CLIENT_RESULT_CONTINUE,
+				       output_token.value, output_token.length);
+	}
+	(void)gss_release_buffer(&minor_status, &output_token);
+	return ret;
 }
 
 static int