Skip to content

Commit 6a61d1f

Browse files
mhagandermhagander
committed
Properly close token in sspi authentication
We can never leak more than one token, but we shouldn't do that. We don't bother closing it in the error paths since the process will exit shortly anyway. Christian Ullrich
1 parent e72d7d8 commit 6a61d1f

File tree

1 file changed

+2
-0
lines changed

1 file changed

+2
-0
lines changed

src/backend/libpq/auth.c

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1253,6 +1253,8 @@ pg_SSPI_recvauth(Port *port)
12531253
(errmsg_internal("could not get user token: error code %lu",
12541254
GetLastError())));
12551255

1256+
CloseHandle(token);
1257+
12561258
if (!LookupAccountSid(NULL, tokenuser->User.Sid, accountname, &accountnamesize,
12571259
domainname, &domainnamesize, &accountnameuse))
12581260
ereport(ERROR,

0 commit comments

Comments
 (0)
pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy