Fix trivial KDC memory leak with test KDB module

If a KDB module zeroes out the master key in its fetch_master_key() method (as the test KDB module does), krb5_db_fetch_mkey() will copy it, allocating one byte of memory for the contents. The KDC will then leak it on exit, as the length is zero. Simplify master key destruction using zapfree(). [ghudson@mit.edu: wrote commit message]
krb5 · Feb 26, 2018 · 14f03ab · 14f03ab
1 parent 09685a2
commit 14f03ab
Showing 1 changed file with 1 addition and 5 deletions.
diff --git a/src/kdc/main.c b/src/kdc/main.c
@@ -161,11 +161,7 @@ finish_realm(kdc_realm_t *rdp)
     if (rdp->realm_context) {
         if (rdp->realm_mprinc)
             krb5_free_principal(rdp->realm_context, rdp->realm_mprinc);
-        if (rdp->realm_mkey.length && rdp->realm_mkey.contents) {
-            /* XXX shouldn't memset be zap for safety? */
-            memset(rdp->realm_mkey.contents, 0, rdp->realm_mkey.length);
-            free(rdp->realm_mkey.contents);
-        }
+        zapfree(rdp->realm_mkey.contents, rdp->realm_mkey.length);
         krb5_db_fini(rdp->realm_context);
         if (rdp->realm_tgsprinc)
             krb5_free_principal(rdp->realm_context, rdp->realm_tgsprinc);