Skip to content
Permalink
Browse files

pull up r24937 from trunk

 ------------------------------------------------------------------------
 r24937 | ghudson | 2011-05-21 22:08:37 -0400 (Sat, 21 May 2011) | 10 lines

 ticket: 6913
 subject: Fix multiple tl-data updates over iprop
 target_version: 1.9.2
 tags: pullup

 krb5_dbe_update_tl_data() accepts a single read-only tl-data entry,
 but ulog_conv_2dbentry() expects it to process a full list.  Fix
 ulog_conv_2dbentry() to call krb5_db2_update_tl_data() on each entry
 individually, simplifying its memory management in the process.

ticket: 6913
version_fixed: 1.9.2
status: resolved

git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-9@24955 dc483132-0cff-0310-8789-dd5450dbe970
  • Loading branch information...
tlyu committed Jun 9, 2011
1 parent ae3f34e commit fd862bbdc55f3e0b7a44b2ee26f01affc999a665
Showing with 8 additions and 35 deletions.
  1. +8 −35 src/lib/kdb/kdb_convert.c
@@ -585,7 +585,7 @@ ulog_conv_2dbentry(krb5_context context, krb5_db_entry **entry,
int i, j, cnt = 0, mod_time = 0, nattrs;
krb5_principal dbprinc;
char *dbprincstr = NULL;
krb5_tl_data *newtl = NULL;
krb5_tl_data newtl;
krb5_error_code ret;
unsigned int prev_n_keys = 0;
krb5_boolean is_add;
@@ -732,40 +732,13 @@ ulog_conv_2dbentry(krb5_context context, krb5_db_entry **entry,
break;

case AT_TL_DATA: {
int t;

cnt = u.av_tldata.av_tldata_len;
newtl = calloc(cnt, sizeof (krb5_tl_data));
if (newtl == NULL)
return (ENOMEM);

for (j = 0, t = 0; j < cnt; j++) {
newtl[t].tl_data_type = (krb5_int16)u.av_tldata.av_tldata_val[j].tl_type;
newtl[t].tl_data_length = (krb5_int16)u.av_tldata.av_tldata_val[j].tl_data.tl_data_len;
newtl[t].tl_data_contents = malloc(newtl[t].tl_data_length * sizeof (krb5_octet));
if (newtl[t].tl_data_contents == NULL)
/* XXX Memory leak: newtl
and previously
allocated elements. */
return (ENOMEM);

(void) memcpy(newtl[t].tl_data_contents, u.av_tldata.av_tldata_val[t].tl_data.tl_data_val, newtl[t].tl_data_length);
newtl[t].tl_data_next = NULL;
if (t > 0)
newtl[t - 1].tl_data_next = &newtl[t];
t++;
}

if ((ret = krb5_dbe_update_tl_data(context, ent, newtl)))
return (ret);
for (j = 0; j < t; j++)
if (newtl[j].tl_data_contents) {
free(newtl[j].tl_data_contents);
newtl[j].tl_data_contents = NULL;
}
if (newtl) {
free(newtl);
newtl = NULL;
for (j = 0; j < (int)u.av_tldata.av_tldata_len; j++) {
newtl.tl_data_type = (krb5_int16)u.av_tldata.av_tldata_val[j].tl_type;
newtl.tl_data_length = (krb5_int16)u.av_tldata.av_tldata_val[j].tl_data.tl_data_len;
newtl.tl_data_contents = (krb5_octet *)u.av_tldata.av_tldata_val[j].tl_data.tl_data_val;
newtl.tl_data_next = NULL;
if ((ret = krb5_dbe_update_tl_data(context, ent, &newtl)))
return (ret);
}
break;
/* END CSTYLED */

0 comments on commit fd862bb

Please sign in to comment.
You can’t perform that action at this time.