gssapi: Free output token on exit path (GHSL-2023-039)

Thanks Phil Turnbull from GitHub Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Norbert Pocs <npocs@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2026-02-04 20:30:38 +09:00 · 2023-03-06 12:27:15 +01:00
parent 559ebc9ccb
commit 429d0422dc
1 changed files with 2 additions and 0 deletions
--- a/src/gssapi.c
+++ b/src/gssapi.c
@@ -1030,6 +1030,8 @@ SSH_PACKET_CALLBACK(ssh_packet_userauth_gssapi_token_client){
        ssh_packet_send(session);
    }

+    gss_release_buffer(&min_stat, &output_token);
+
    if (maj_stat == GSS_S_COMPLETE) {
        ssh_gssapi_send_mic(session);
        session->auth.state = SSH_AUTH_STATE_GSSAPI_MIC_SENT;