svn rev #22081: trunk/src/lib/gssapi/krb5/
raeburn@MIT.EDU
raeburn at MIT.EDU
Thu Mar 12 12:48:16 EDT 2009
http://src.mit.edu/fisheye/changelog/krb5/?cs=22081
Commit By: raeburn
Log Message:
ticket: 6412
subject: crash using library-allocated storage for header in wrap_iov
target_version: 1.7
tags: pullup
When allocating storage for the header buffer, update the internal
output buffer pointer as well.
Changed Files:
U trunk/src/lib/gssapi/krb5/k5sealv3iov.c
Modified: trunk/src/lib/gssapi/krb5/k5sealv3iov.c
===================================================================
--- trunk/src/lib/gssapi/krb5/k5sealv3iov.c 2009-03-12 02:07:26 UTC (rev 22080)
+++ trunk/src/lib/gssapi/krb5/k5sealv3iov.c 2009-03-12 16:48:15 UTC (rev 22081)
@@ -129,9 +129,10 @@
gss_headerlen += gss_trailerlen;
}
- if (header->type & GSS_IOV_BUFFER_FLAG_ALLOCATE)
+ if (header->type & GSS_IOV_BUFFER_FLAG_ALLOCATE) {
code = kg_allocate_iov(header, (size_t) gss_headerlen);
- else if (header->buffer.length < gss_headerlen)
+ outbuf = (unsigned char *)header->buffer.value;
+ } else if (header->buffer.length < gss_headerlen)
code = KRB5_BAD_MSIZE;
if (code != 0)
goto cleanup;
More information about the cvs-krb5
mailing list