From bba35d01db8032a21ba11167356ac1a96310cbec Mon Sep 17 00:00:00 2001 From: Nicolas Williams Date: Tue, 31 Jan 2017 11:33:13 -0600 Subject: [PATCH] kadm5 ad backend wrong size memset Originally by Christos Zoulas. --- lib/kadm5/ad.c | 65 +++++++++++++++++++++++++------------------------- 1 file changed, 32 insertions(+), 33 deletions(-) diff --git a/lib/kadm5/ad.c b/lib/kadm5/ad.c index cc29bf98c3..787081c8cd 100644 --- a/lib/kadm5/ad.c +++ b/lib/kadm5/ad.c @@ -1286,45 +1286,44 @@ kadm5_ad_randkey_principal(void *server_handle, return ret; } - krb5_data_zero (&result_code_string); - krb5_data_zero (&result_string); - - ret = krb5_set_password_using_ccache (context->context, - context->ccache, - password, - principal, - &result_code, - &result_code_string, - &result_string); + krb5_data_zero(&result_code_string); + krb5_data_zero(&result_string); + + ret = krb5_set_password_using_ccache(context->context, + context->ccache, + password, + principal, + &result_code, + &result_code_string, + &result_string); + krb5_data_free(&result_code_string); + krb5_data_free(&result_string); - krb5_data_free (&result_code_string); - krb5_data_free (&result_string); + if (ret) + goto out; - if (ret == 0) { + *keys = malloc(sizeof(**keys) * 1); + if (*keys == NULL) { + ret = ENOMEM; + goto out; + } + *n_keys = 1; - *keys = malloc(sizeof(**keys) * 1); - if (*keys == NULL) { - ret = ENOMEM; - goto out; - } - *n_keys = 1; - - ret = krb5_string_to_key(context->context, - ENCTYPE_ARCFOUR_HMAC_MD5, - password, - principal, - &(*keys)[0]); - memset(password, 0, sizeof(password)); - if (ret) { - free(*keys); - *keys = NULL; - *n_keys = 0; - goto out; - } + ret = krb5_string_to_key(context->context, + ENCTYPE_ARCFOUR_HMAC_MD5, + password, + principal, + &(*keys)[0]); + if (ret) { + free(*keys); + *keys = NULL; + *n_keys = 0; + goto out; } + + out: memset(password, 0, plen); free(password); - out: return ret; #else *keys = NULL;