From eca00ef4719c44c4e68ead3346a16229b6471d13 Mon Sep 17 00:00:00 2001 From: Alexey Tikhonov Date: Tue, 20 Jun 2023 17:41:36 +0200 Subject: [PATCH] LDAP: fixed leak of `kprinc` MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Reviewed-by: Alejandro López Reviewed-by: Tomáš Halman Reference: https://github.com/SSSD/sssd/commit/eca00ef4719c44c4e68ead3346a16229b6471d13 Conflict: NA --- src/providers/ldap/ldap_child.c | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/src/providers/ldap/ldap_child.c b/src/providers/ldap/ldap_child.c index 6ad2fb63a..6c167d239 100644 --- a/src/providers/ldap/ldap_child.c +++ b/src/providers/ldap/ldap_child.c @@ -367,12 +367,6 @@ static krb5_error_code ldap_child_get_tgt_sync(TALLOC_CTX *memctx, } DEBUG(SSSDBG_CONF_SETTINGS, "Principal name is: [%s]\n", full_princ); - krberr = krb5_parse_name(context, full_princ, &kprinc); - if (krberr != 0) { - DEBUG(SSSDBG_OP_FAILURE, "krb5_parse_name() failed: %d\n", krberr); - goto done; - } - if (keytab_name) { krberr = krb5_kt_resolve(context, keytab_name, &keytab); } else { @@ -447,8 +441,14 @@ static krb5_error_code ldap_child_get_tgt_sync(TALLOC_CTX *memctx, goto done; } + krberr = krb5_parse_name(context, full_princ, &kprinc); + if (krberr != 0) { + DEBUG(SSSDBG_OP_FAILURE, "krb5_parse_name() failed: %d\n", krberr); + goto done; + } krberr = krb5_get_init_creds_keytab(context, &my_creds, kprinc, keytab, 0, NULL, options); + krb5_free_principal(context, kprinc); if (krberr != 0) { DEBUG(SSSDBG_OP_FAILURE, "krb5_get_init_creds_keytab() failed: %d\n", krberr); -- 2.27.0