database/postgres
database/postgres
1
0
Fork 0
mirror of https://github.com/postgres/postgres.git synced 2025-05-05 09:19:17 +03:00
Code

Properly close token in sspi authentication

Browse Source 
We can never leak more than one token, but we shouldn't do that. We
don't bother closing it in the error paths since the process will
exit shortly anyway.

Christian Ullrich
This commit is contained in:
Magnus Hagander 2016-01-14 13:06:03 +01:00
parent 7393208b51
commit ab49f87d5c
1 changed files with 2 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/backend/libpq/auth.c
View File

@ -1255,6 +1255,8 @@ pg_SSPI_recvauth(Port *port)
(errmsg_internal("could not get user token: error code %lu", (errmsg_internal("could not get user token: error code %lu",
GetLastError()))); GetLastError())));
CloseHandle(token);
if (!LookupAccountSid(NULL, tokenuser->User.Sid, accountname, &accountnamesize, if (!LookupAccountSid(NULL, tokenuser->User.Sid, accountname, &accountnamesize,
domainname, &domainnamesize, &accountnameuse)) domainname, &domainnamesize, &accountnameuse))
ereport(ERROR, ereport(ERROR,