From d98a435f108ed398a1ed839d189607d1c1dfafc1 Mon Sep 17 00:00:00 2001
From: Har Gagan Sahai <SHarGagan@novell.com>
Date: Fri, 28 Aug 2015 19:00:35 +0530
Subject: [PATCH] Fix memory leaks in kerberos credential cache and dns
 resolution during spnego authentication using kerberos.

Signed-off-by: Har Gagan Sahai <SHarGagan@novell.com>
---
 source4/heimdal/lib/krb5/mcache.c   | 10 +++++++---
 source4/heimdal/lib/roken/resolve.c |  1 +
 2 files changed, 8 insertions(+), 3 deletions(-)

diff --git a/source4/heimdal/lib/krb5/mcache.c b/source4/heimdal/lib/krb5/mcache.c
index e4b90c1..68dfd19 100644
--- a/source4/heimdal/lib/krb5/mcache.c
+++ b/source4/heimdal/lib/krb5/mcache.c
@@ -163,9 +163,13 @@ mcc_initialize(krb5_context context,
     krb5_mcache *m = MCACHE(id);
     m->dead = 0;
     m->mtime = time(NULL);
-    return krb5_copy_principal (context,
-				primary_principal,
-				&m->primary_principal);
+    if (m->primary_principal == NULL) {
+	    return krb5_copy_principal (context,
+					primary_principal,
+					&m->primary_principal);
+    }
+    else
+	return 0;
 }
 
 static int
diff --git a/source4/heimdal/lib/roken/resolve.c b/source4/heimdal/lib/roken/resolve.c
index b27f37a..0cfe0b0 100644
--- a/source4/heimdal/lib/roken/resolve.c
+++ b/source4/heimdal/lib/roken/resolve.c
@@ -588,6 +588,7 @@ dns_lookup_int(const char *domain, int rr_class, int rr_type)
 
     len = min(len, size);
     r = parse_reply(reply, len);
+    resolve_free_handle(handle);
     free(reply);
     return r;
 }
-- 
1.8.4.5