Unverified Commit 0b116602 authored Jul 22, 2017 by Isaac Boukris Committed by Marcel Raad Aug 05, 2017

gssapi: fix memory leak of output token in multi round context

When multiple rounds are needed to establish a security context
(usually ntlm), we overwrite old token with a new one without free.
Found by proposed gss tests using stub a gss implementation (by
valgrind error), though I have confirmed the leak with a real
gssapi implementation as well.

Closes https://github.com/curl/curl/pull/1733

parent 61046e7b

lib/vauth/spnego_gssapi.c

+4 −0

Original line number	Diff line number	Diff line
		@@ -180,6 +180,10 @@ CURLcode Curl_auth_decode_spnego_message(struct Curl_easy *data,
		return CURLE_OUT_OF_MEMORY;
		}

		/* Free previous token */
		if(nego->output_token.length && nego->output_token.value)
		gss_release_buffer(&unused_status, &nego->output_token);

		nego->output_token = output_token;

		return CURLE_OK;