1berry/postgres
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Properly close token in sspi authentication

Browse Source 
We can never leak more than one token, but we shouldn't do that. We
don't bother closing it in the error paths since the process will
exit shortly anyway.

Christian Ullrich
This commit is contained in:
Magnus Hagander 2016-01-14 13:06:03 +01:00
parent be2b276514
commit df0bd5a0f7
1 changed files with 2 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/backend/libpq/auth.c
View File

@ -1464,6 +1464,8 @@ pg_SSPI_recvauth(Port *port)
(errmsg_internal("could not get user token: error code %lu", (errmsg_internal("could not get user token: error code %lu",
GetLastError()))); GetLastError())));
CloseHandle(token);
if (!LookupAccountSid(NULL, tokenuser->User.Sid, accountname, &accountnamesize, if (!LookupAccountSid(NULL, tokenuser->User.Sid, accountname, &accountnamesize,
domainname, &domainnamesize, &accountnameuse)) domainname, &domainnamesize, &accountnameuse))
ereport(ERROR, ereport(ERROR,