Properly close token in sspi authentication

We can never leak more than one token, but we shouldn't do that. We don't bother closing it in the error paths since the process will exit shortly anyway. Christian Ullrich

Properly close token in sspi authentication
We can never leak more than one token, but we shouldn't do that. We don't bother closing it in the error paths since the process will exit shortly anyway. Christian Ullrich
6a61d1ff · Magnus Hagander · e72d7d85 · 6a61d1ff
Commit 6a61d1ff authored Jan 14, 2016 by Magnus Hagander
Hide whitespace changes
Inline Side-by-side

Showing with 2 additions and 0 deletions

src/backend/libpq/auth.c src/backend/libpq/auth.c +2 -0

No files found.
--- a/src/backend/libpq/auth.c
+++ b/src/backend/libpq/auth.c
@@ -1253,6 +1253,8 @@ pg_SSPI_recvauth(Port *port)
 				(errmsg_internal("could not get user token: error code %lu",
 								 GetLastError())));

+	CloseHandle(token);
+
 	if (!LookupAccountSid(NULL, tokenuser->User.Sid, accountname, &accountnamesize,
 						  domainname, &domainnamesize, &accountnameuse))
 		ereport(ERROR,