From 1403f9aa2f34e6dfd17816e63b88348d55291e45 Mon Sep 17 00:00:00 2001 From: Mark Andrews Date: Mon, 10 Jan 2011 03:49:49 +0000 Subject: [PATCH] don't free memory passed to putenv(), use malloc and check for malloc failures --- lib/dns/gssapictx.c | 28 ++++++++++++++-------------- 1 file changed, 14 insertions(+), 14 deletions(-) diff --git a/lib/dns/gssapictx.c b/lib/dns/gssapictx.c index f1738c4e2f..736a9badcb 100644 --- a/lib/dns/gssapictx.c +++ b/lib/dns/gssapictx.c @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: gssapictx.c,v 1.25 2011/01/08 23:47:01 tbox Exp $ */ +/* $Id: gssapictx.c,v 1.26 2011/01/10 03:49:49 marka Exp $ */ #include @@ -553,7 +553,6 @@ dst_gssapi_initctx(dns_name_t *name, isc_buffer_t *intoken, isc_result_t result; gss_buffer_desc gnamebuf; unsigned char array[DNS_NAME_MAXTEXT + 1]; - char *tmpfile = NULL; /* Client must pass us a valid gss_ctx_id_t here */ REQUIRE(gssctx != NULL); @@ -618,11 +617,6 @@ dst_gssapi_initctx(dns_name_t *name, isc_buffer_t *intoken, result = DNS_R_CONTINUE; out: - if (tmpfile) { - unsetenv("KRB5_CONFIG"); - isc_file_remove(tmpfile); - isc_mem_free(mctx, tmpfile); - } return (result); #else UNUSED(name); @@ -653,7 +647,6 @@ dst_gssapi_acceptctx(gss_cred_id_t cred, gss_name_t gname = NULL; isc_result_t result; char buf[1024]; - char *kt = NULL; REQUIRE(outtoken != NULL && *outtoken == NULL); @@ -678,9 +671,19 @@ dst_gssapi_acceptctx(gss_cred_id_t cred, return (DNS_R_INVALIDTKEY); } #else - kt = isc_mem_allocate(mctx, strlen(gssapi_keytab) + 13); - sprintf(kt, "KRB5_KTNAME=%s", gssapi_keytab); - putenv(kt); + /* + * Minimize memory leakage by only setting KRB5_KTNAME + * if it needs to change. + */ + const char *old = getenv("KRB5_KTNAME"); + if (old == NULL || strcmp(old, gssapi_keytab) != 0) { + char *kt = malloc(strlen(gssapi_keytab) + 13); + if (kt == NULL) + return (ISC_R_NOMEMORY); + sprintf(kt, "KRB5_KTNAME=%s", gssapi_keytab); + if (putenv(kt) != 0) + return (ISC_R_NOMEMORY); + } #endif } @@ -772,9 +775,6 @@ dst_gssapi_acceptctx(gss_cred_id_t cred, sizeof(buf))); } - if (kt != NULL) - isc_mem_free(mctx, kt); - return (result); #else UNUSED(cred);