The following commit has been merged in the openafs-stable-1_8_x branch:
commit 3b383abaa932fe03f405571c50df4e95043d7998
Author: Mark Vitale <[email protected]>
Date: Fri May 12 21:25:36 2023 -0400
rxkad: Free memory used to check rxkad response
Since its introduction with commit 7e4e06b87a09 "Derive DES/fcrypt
session key from other key types", rxkad_derive_des_key has failed to
free the memory associated with its HMAC context struct.
This results in a leak of at least 352 bytes for each rxkad challenge
response processed by an OpenAFS server when using rxkad-kdf.
Free the memory by calling HMAC_CTX_cleanup after each round of the
loop.
Discovered via Solaris libumem.so.1.
Reviewed-on: https://gerrit.openafs.org/15427
Tested-by: BuildBot <[email protected]>
Reviewed-by: Andrew Deason <[email protected]>
Reviewed-by: Cheyenne Wills <[email protected]>
Reviewed-by: Benjamin Kaduk <[email protected]>
(cherry picked from commit 915c9ec007810f99a5ea8be73426fc8882f615fd)
Change-Id: I4710c1180cdca19cc963d7409ef15e74efd51498
Reviewed-on: https://gerrit.openafs.org/15516
Tested-by: BuildBot <[email protected]>
Reviewed-by: Michael Meffie <[email protected]>
Reviewed-by: Mark Vitale <[email protected]>
Reviewed-by: Stephan Wiesand <[email protected]>
src/rxkad/ticket5.c | 1 +
1 file changed, 1 insertion(+)
--
OpenAFS Master Repository
_______________________________________________
OpenAFS-cvs mailing list
[email protected]
https://lists.openafs.org/mailman/listinfo/openafs-cvs
