diff options
| author | Magnus Hagander <magnus@hagander.net> | 2016-01-14 13:06:03 +0100 |
|---|---|---|
| committer | Magnus Hagander <magnus@hagander.net> | 2016-01-14 13:08:10 +0100 |
| commit | b1c0f92eb690388a0739bee2793f5ae8baf5d0bb (patch) | |
| tree | 6ac549f3f61a74f26db376f324a6f1858c6e0053 | |
| parent | 5108013dbbfedb5e5af6a58cde5f074d895c46bf (diff) | |
| download | postgresql-b1c0f92eb690388a0739bee2793f5ae8baf5d0bb.tar.gz postgresql-b1c0f92eb690388a0739bee2793f5ae8baf5d0bb.zip | |
Properly close token in sspi authentication
We can never leak more than one token, but we shouldn't do that. We
don't bother closing it in the error paths since the process will
exit shortly anyway.
Christian Ullrich
| -rw-r--r-- | src/backend/libpq/auth.c | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/src/backend/libpq/auth.c b/src/backend/libpq/auth.c index 22a1c1cb274..e70f4729aff 100644 --- a/src/backend/libpq/auth.c +++ b/src/backend/libpq/auth.c @@ -1468,6 +1468,8 @@ pg_SSPI_recvauth(Port *port) (errmsg_internal("could not get user token: error code %d", (int) GetLastError()))); + CloseHandle(token); + if (!LookupAccountSid(NULL, tokenuser->User.Sid, accountname, &accountnamesize, domainname, &domainnamesize, &accountnameuse)) ereport(ERROR, |