From dea292c2fdb4a629c7d488b0bca636856309626b Mon Sep 17 00:00:00 2001
From: Volker Lendecke <vl@samba.org>
Date: Mon, 30 Sep 2024 11:05:20 +0200
Subject: [PATCH] auth4: Fix CID 1034877 Resource leak

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Wed Oct  2 14:19:08 UTC 2024 on atb-devel-224
---
 source4/auth/session.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/source4/auth/session.c b/source4/auth/session.c
index 9c9d8c4aaff..8f5d58b3437 100644
--- a/source4/auth/session.c
+++ b/source4/auth/session.c
@@ -365,6 +365,7 @@ struct auth_session_info *auth_session_info_from_transport(TALLOC_CTX *mem_ctx,
 
 		creds = cli_credentials_init(session_info);
 		if (!creds) {
+			gss_release_cred(&minor_status, &cred_handle);
 			*reason = "Out of memory in cli_credentials_init()";
 			return NULL;
 		}
@@ -372,6 +373,7 @@ struct auth_session_info *auth_session_info_from_transport(TALLOC_CTX *mem_ctx,
 
 		ok = cli_credentials_set_conf(creds, lp_ctx);
 		if (!ok) {
+			gss_release_cred(&minor_status, &cred_handle);
 			*reason = "Failed to load smb.conf";
 			return NULL;
 		}
@@ -385,6 +387,7 @@ struct auth_session_info *auth_session_info_from_transport(TALLOC_CTX *mem_ctx,
 							   CRED_SPECIFIED,
 							   &error_string);
 		if (ret) {
+			gss_release_cred(&minor_status, &cred_handle);
 			*reason = talloc_asprintf(mem_ctx,
 						  "Failed to set pipe forwarded "
 						  "creds: %s\n", error_string);