Hans Leidekker (@hans) commented about dlls/kerberos/unixlib.c:
+ ret = pgss_unwrap_iov( &minor_status, ctx, &conf_state, NULL, iov, 2 ); + TRACE( "gss_unwrap_iov returned %#x minor status %#x\n", ret, minor_status ); + if (GSS_ERROR( ret )) trace_gss_status( ret, minor_status ); + if (ret == GSS_S_COMPLETE) + { + if (params->data_length < iov[1].buffer.length) + { + free( iov[0].buffer.value ); + return SEC_E_BUFFER_TOO_SMALL; + } + + memcpy( params->data, iov[1].buffer.value, iov[1].buffer.length ); + + /* check whether DATA buffer points within STREAM buffer */ + if (!((char *)iov[1].buffer.value >= (char *)iov[0].buffer.value && (char *)iov[1].buffer.value < (char *)iov[0].buffer.value + iov[0].buffer.length)) + pgss_release_buffer( &minor_status, &iov[1].buffer ); Why do we need to release the buffer if we're not passing GSS_C_BUFFER_FLAG_ALLOCATE?
-- https://gitlab.winehq.org/wine/wine/-/merge_requests/8116#note_105111