From b55c367caa8599d946ea5ed65416db49bffb6a69 Mon Sep 17 00:00:00 2001
From: antiduh <antiduh@e114e3f1-24f7-e311-a78f-001bfcf5e160>
Date: Thu, 26 Jun 2014 23:43:14 +0000
Subject: [PATCH] Better protection against leaking handles - use a nested
 try-finally when allocating inside a CER. The inner finally protects against
 the case where the PtrToStructure, which allocates, fails.

---
 PackageSupport.cs | 11 +++++++++--
 1 file changed, 9 insertions(+), 2 deletions(-)

diff --git a/PackageSupport.cs b/PackageSupport.cs
index 6f38185..dc1f72a 100644
--- a/PackageSupport.cs
+++ b/PackageSupport.cs
@@ -30,8 +30,15 @@ namespace NSspi
 
                 if( status == SecurityStatus.OK && rawInfoPtr != IntPtr.Zero )
                 {
-                    Marshal.PtrToStructure( rawInfoPtr, info );
-                    freeStatus = NativeMethods.FreeContextBuffer( rawInfoPtr );
+                    try
+                    {
+                        // This performs allocations as it makes room for the strings contained in the SecPkgInfo class.
+                        Marshal.PtrToStructure( rawInfoPtr, info );
+                    }
+                    finally
+                    {
+                        freeStatus = NativeMethods.FreeContextBuffer( rawInfoPtr );
+                    }
                 }
             }