The branch main has been updated by cy:
URL:
https://cgit.FreeBSD.org/src/commit/?id=98f18cd98824acdf1045e74615f2db0219019f0b
commit 98f18cd98824acdf1045e74615f2db0219019f0b
Author: Cy Schubert <c...@freebsd.org>
AuthorDate: 2025-06-16 18:40:51 +0000
Commit: Cy Schubert <c...@freebsd.org>
CommitDate: 2025-06-16 18:42:30 +0000
pam_ksu: Move the realm free to end of function
This avoids a use after free.
Noted by: jhb
---
lib/libpam/modules/pam_ksu/pam_ksu.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/lib/libpam/modules/pam_ksu/pam_ksu.c
b/lib/libpam/modules/pam_ksu/pam_ksu.c
index a6b3f043d3f4..e50c3e387311 100644
--- a/lib/libpam/modules/pam_ksu/pam_ksu.c
+++ b/lib/libpam/modules/pam_ksu/pam_ksu.c
@@ -85,8 +85,6 @@ krb5_make_principal(krb5_context context, krb5_principal
principal,
if ((rc = krb5_get_default_realm(context, &temp_realm)))
return (rc);
realm=temp_realm;
- if (temp_realm)
- free(temp_realm);
}
va_start(ap, realm);
/*
@@ -99,6 +97,8 @@ krb5_make_principal(krb5_context context, krb5_principal
principal,
*/
rc = krb5_build_principal_va(context, principal, strlen(realm), realm,
ap);
va_end(ap);
+ if (temp_realm)
+ free(temp_realm);
return (rc);
}
#endif
