[Bug 255870] [PATCH] rpc/rpcsec_gss: Fix a double free in rpc_gss_marshal

From: <bugzilla-noreply_at_freebsd.org>
Date: Wed, 16 Jun 2021 16:37:56 +0000
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=255870

--- Comment #2 from Rick Macklem <rmacklem_at_FreeBSD.org> ---
I think your analysis is correct.

rpc_gss_marshal() is only called by
the AUTH_MARSHALL() macros and
they are only used during encoding
(x_op == XDR_ENCODE).
--> See all uses of AUTH_MARSHALL().

Since mem_free() is not called in
xdr_bytes() for the XDR_ENCODE case,
there is no "double free".

Also, since it is on the main "always
executed" code path, any such bug would
have been detected during testing.

-- 
You are receiving this mail because:
You are the assignee for the bug.
Received on Wed Jun 16 2021 - 16:37:56 UTC

Original text of this message