svn rev #22410: trunk/src/lib/crypto/yarrow/
epeisach@MIT.EDU
epeisach at MIT.EDU
Thu Jun 11 13:01:15 EDT 2009
http://src.mit.edu/fisheye/changelog/krb5/?cs=22410
Commit By: epeisach
Log Message:
subject: krb5int_yarrow_final could deref NULL if out of memory
ticket: 6512
krb5int_yarrow_final tests if the Yarrow_CTX* is valid (not NULL) -
and if not - signals and error for return - but still invokes
mem_zero (memset) with it as an argument. This will only happen in
an out-of-memory situation.
Changed Files:
U trunk/src/lib/crypto/yarrow/yarrow.c
Modified: trunk/src/lib/crypto/yarrow/yarrow.c
===================================================================
--- trunk/src/lib/crypto/yarrow/yarrow.c 2009-06-10 02:55:22 UTC (rev 22409)
+++ trunk/src/lib/crypto/yarrow/yarrow.c 2009-06-11 17:01:13 UTC (rev 22410)
@@ -918,7 +918,8 @@
CATCH:
krb5int_yarrow_cipher_final(&y->cipher);
- mem_zero( y, sizeof(Yarrow_CTX) );
+ if ( y )
+ mem_zero( y, sizeof(Yarrow_CTX) );
if ( locked ) { TRY( UNLOCK() ); }
EXCEP_RET;
}
More information about the cvs-krb5
mailing list