Better protection against leaking handles - use a nested try-finally when allocating inside a CER. The inner finally protects against the case where the PtrToStructure, which allocates, fails.

2014-06-26 23:43:14 +00:00
parent c9a4e69dc3
commit b55c367caa
1 changed files with 9 additions and 2 deletions
--- a/PackageSupport.cs
+++ b/PackageSupport.cs
@@ -30,8 +30,15 @@ namespace NSspi

                if( status == SecurityStatus.OK && rawInfoPtr != IntPtr.Zero )
                {
-                    Marshal.PtrToStructure( rawInfoPtr, info );
-                    freeStatus = NativeMethods.FreeContextBuffer( rawInfoPtr );
+                    try
+                    {
+                        // This performs allocations as it makes room for the strings contained in the SecPkgInfo class.
+                        Marshal.PtrToStructure( rawInfoPtr, info );
+                    }
+                    finally
+                    {
+                        freeStatus = NativeMethods.FreeContextBuffer( rawInfoPtr );
+                    }
                }
            }