In krb5_524_conv_principal(), if the realm we read from the profile is
too long for the result buffer, free the profile value before
In krb5_425_conv_principal(), if krb5_get_realm_domain() fails, still
free any leftover allocated data using a cleanup label. The only one
that could be left over is dummy_value which we could address easily
enough within the loop, but we shouldn't sidestep the cleanup code.