Problem: TODO in gssapi mechanism

Solution: remove it.
Looking at the code:

https://github.com/krb5/krb5/blob/master/src/lib/gssapi/mechglue/g_unseal.c#L55

gss_unwrap as the very first thing checks that plaintext is not a
null pointer, which in our case it's true given it's on the stack,
and then initialises its members to 0 length and null ptr.

https://github.com/krb5/krb5/blob/master/src/lib/gssapi/mechglue/g_rel_buffer.c#L36

So it should be safe to release it in all cases, and the release API
seems to check again if it's not a null pointer and then if the
members are 0 length and null pointer it's a no-op.
This commit is contained in:
Luca Boccassi 2017-08-18 15:58:35 +01:00
parent 77444e206c
commit 7be3efc936

View File

@ -183,8 +183,6 @@ int zmq::gssapi_mechanism_base_t::decode_message (msg_t *msg_)
if (maj_stat != GSS_S_COMPLETE) if (maj_stat != GSS_S_COMPLETE)
{ {
// TODO is it correct to release the plaintext buffer if gss_unwrap
// did not succeed?
gss_release_buffer (&min_stat, &plaintext); gss_release_buffer (&min_stat, &plaintext);
free (wrapped.value); free (wrapped.value);
session->get_socket ()->event_handshake_failed_protocol ( session->get_socket ()->event_handshake_failed_protocol (