From nobody Mon Jun 16 18:42:41 2025
X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4bLf4y2t1gz5yGPn;
	Mon, 16 Jun 2025 18:42:42 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4bLf4x6nkYz3Plm;
	Mon, 16 Jun 2025 18:42:41 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1750099362;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=4kYYBM6Qw2d7NFBcVqOAS/m5l6YljQI55DC1JtMdI/A=;
	b=aVbZYSSk1C456UKxt0oDLqvKzIwsr2z8swWBmFyAWR3Z9awpZUaeeCM/1CdJRS1xPSblf1
	Bx7xGklCDxaAZoyV7pamiKhwyjhRw6FPrUt1soi+VwRUVPAiMMKbRQmzySvz6wcbryduWu
	QDFsxiXBhYIY6c4m+3RoB9PHbnZXoloNS/DeEQgcmA+IA7y8vUFHPNGibxulD5xZJtUQ67
	4Pe+Aj1UoZLY1PXLEkri5ok+ZSjNdEocEVfb0Va+Ph6rPjeBFXkxKssjKKN7SdCg0ZHxdO
	z085MqmP0cNUxxTDPRI9ExEaZSD+D/FBnnsUvElpiHd3dEFJeUxnm2vJUM14/w==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1750099361;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=4kYYBM6Qw2d7NFBcVqOAS/m5l6YljQI55DC1JtMdI/A=;
	b=xorMa8Mj+Yb9IW5u5T18po9OfJDUD+GCNEoBoTL2yb0lvZrq5L/jyoJl/TD1MkaXHP458R
	1EKlz8Nq4Kj4ORQ2st34A7V5q+Zymh1tmwfnMdtl7JfZFyvXFWgCA0h8/a64BnK7dVunNi
	V0ZfGdwNiAL3T06oaY/MOQpEjEQxfyW2XW2cADslmaRasamFKX7fYVjs6MelTnGjmPK/Iw
	Ii7EvyZtq7X+w5UFtZMNmEbFhewcnOE1AxpoXTwH49AAbGpIcTlOeaaMsVdF/wQSN30lLq
	Fxy97FefwLJ9giUBCnWLXsj0x8VW38oXPxf8MLx/LNTnMrp2fCj69ukwtYcn3g==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1750099362; a=rsa-sha256; cv=none;
	b=YTmVSCJTLKC6mAiI5bM2aDMKMMt0A2cOVfLKjshXUIbDS58JUon8Py2sltzkTduhoWKm8w
	KsaoHDAnCtRQD6I1Qfwc9rS7FpEkBjDxoLm9GvE2vbRfuwf5rwn1UkNmz9wH8+l8N1SyR5
	rtL4V79cMrFyWY+R1s09196k5h7h++trXd8n/8IFOPYQMGlGDVUmTyM/ezEsJ4cGkspWPC
	UV6atF+5oHLo6aXX1MCzrm/H0Ym6R5jJQtO6YcX+kjWEfLnS+H59q3XzYbu9aAAmuuTiP/
	BJ2O84uijUZ3aVkrAJgh8MB2Wxyi4HYKkrvG1xSoI5eZxpkzFJkUMWRXsj1ZuQ==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4bLf4x6PKLz18Zp;
	Mon, 16 Jun 2025 18:42:41 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 55GIgftn052880;
	Mon, 16 Jun 2025 18:42:41 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 55GIgf9M052877;
	Mon, 16 Jun 2025 18:42:41 GMT
	(envelope-from git)
Date: Mon, 16 Jun 2025 18:42:41 GMT
Message-Id: <202506161842.55GIgf9M052877@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-main@FreeBSD.org
From: Cy Schubert <cy@FreeBSD.org>
Subject: git: 98f18cd98824 - main - pam_ksu: Move the realm free
  to end of function
List-Id: Commit messages for all branches of the src repository <dev-commits-src-all.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all
List-Help: <mailto:dev-commits-src-all+help@freebsd.org>
List-Post: <mailto:dev-commits-src-all@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-all+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-all+unsubscribe@freebsd.org>
X-BeenThere: dev-commits-src-all@freebsd.org
Sender: owner-dev-commits-src-all@FreeBSD.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: cy
X-Git-Repository: src
X-Git-Refname: refs/heads/main
X-Git-Reftype: branch
X-Git-Commit: 98f18cd98824acdf1045e74615f2db0219019f0b
Auto-Submitted: auto-generated

The branch main has been updated by cy:

URL: https://cgit.FreeBSD.org/src/commit/?id=98f18cd98824acdf1045e74615f2db0219019f0b

commit 98f18cd98824acdf1045e74615f2db0219019f0b
Author:     Cy Schubert <cy@FreeBSD.org>
AuthorDate: 2025-06-16 18:40:51 +0000
Commit:     Cy Schubert <cy@FreeBSD.org>
CommitDate: 2025-06-16 18:42:30 +0000

    pam_ksu: Move the realm free to end of function
    
    This avoids a use after free.
    
    Noted by:       jhb
---
 lib/libpam/modules/pam_ksu/pam_ksu.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/lib/libpam/modules/pam_ksu/pam_ksu.c b/lib/libpam/modules/pam_ksu/pam_ksu.c
index a6b3f043d3f4..e50c3e387311 100644
--- a/lib/libpam/modules/pam_ksu/pam_ksu.c
+++ b/lib/libpam/modules/pam_ksu/pam_ksu.c
@@ -85,8 +85,6 @@ krb5_make_principal(krb5_context context, krb5_principal principal,
 		if ((rc = krb5_get_default_realm(context, &temp_realm)))
 			return (rc);
 		realm=temp_realm;
-		if (temp_realm)
-			free(temp_realm);
 	}
 	va_start(ap, realm);
 	/*
@@ -99,6 +97,8 @@ krb5_make_principal(krb5_context context, krb5_principal principal,
 	 */
 	rc = krb5_build_principal_va(context, principal, strlen(realm), realm, ap);
 	va_end(ap);
+	if (temp_realm)
+		free(temp_realm);
 	return (rc);
 }
 #endif