auth_leak.patch
application/octet-stream
Filename: auth_leak.patch
Type: application/octet-stream
Part: 0
Patch
Format: unified
| File | + | − |
|---|---|---|
| src/backend/libpq/auth.c | 13 | 0 |
diff --git a/src/backend/libpq/auth.c b/src/backend/libpq/auth.c
index 511f891393..cf45cb882f 100644
--- a/src/backend/libpq/auth.c
+++ b/src/backend/libpq/auth.c
@@ -1393,6 +1393,12 @@ pg_SSPI_recvauth(Port *port)
(errcode(ERRCODE_PROTOCOL_VIOLATION),
errmsg("expected SSPI response, got message type %d",
mtype)));
+ if (sspictx != NULL)
+ {
+ DeleteSecurityContext(sspictx);
+ free(sspictx);
+ }
+ FreeCredentialsHandle(&sspicred);
return STATUS_ERROR;
}
@@ -1402,6 +1408,12 @@ pg_SSPI_recvauth(Port *port)
{
/* EOF - pq_getmessage already logged error */
pfree(buf.data);
+ if (sspictx != NULL)
+ {
+ DeleteSecurityContext(sspictx);
+ free(sspictx);
+ }
+ FreeCredentialsHandle(&sspicred);
return STATUS_ERROR;
}
@@ -2517,6 +2529,7 @@ InitializeLDAPConnection(Port *port, LDAP **ldap)
(errmsg("could not load function _ldap_start_tls_sA in wldap32.dll"),
errdetail("LDAP over SSL is not supported on this platform.")));
ldap_unbind(*ldap);
+ FreeLibrary(ldaphandle);
return STATUS_ERROR;
}