svn rev #22082: trunk/src/lib/gssapi/krb5/

raeburn@MIT.EDU raeburn at MIT.EDU
Thu Mar 12 18:06:35 EDT 2009


http://src.mit.edu/fisheye/changelog/krb5/?cs=22082
Commit By: raeburn
Log Message:
ticket: 6412
tags: pullup

Better fix: Delay setting 'outbuf' until after the header buffer might
have been allocated locally, and set it in both code paths instead of
just the confidentiality-requested code path.


Changed Files:
U   trunk/src/lib/gssapi/krb5/k5sealv3iov.c
Modified: trunk/src/lib/gssapi/krb5/k5sealv3iov.c
===================================================================
--- trunk/src/lib/gssapi/krb5/k5sealv3iov.c	2009-03-12 16:48:15 UTC (rev 22081)
+++ trunk/src/lib/gssapi/krb5/k5sealv3iov.c	2009-03-12 22:06:35 UTC (rev 22082)
@@ -90,8 +90,6 @@
 
     trailer = kg_locate_iov(iov, iov_count, GSS_IOV_BUFFER_TYPE_TRAILER);
 
-    outbuf = (unsigned char *)header->buffer.value;
-
     if (toktype == KG_TOK_WRAP_MSG && conf_req_flag) {
         unsigned int k5_headerlen, k5_trailerlen, k5_padlen;
         size_t ec = 0;
@@ -131,11 +129,11 @@
 
         if (header->type & GSS_IOV_BUFFER_FLAG_ALLOCATE) {
             code = kg_allocate_iov(header, (size_t) gss_headerlen);
-            outbuf = (unsigned char *)header->buffer.value;
         } else if (header->buffer.length < gss_headerlen)
             code = KRB5_BAD_MSIZE;
         if (code != 0)
             goto cleanup;
+        outbuf = (unsigned char *)header->buffer.value;
         header->buffer.length = (size_t) gss_headerlen;
 
         if (trailer != NULL) {
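Review bot: The added `outbuf = (unsigned char *)header->buffer.value;` carries an ordering constraint that nothing in the code records: per the log message it must run after `kg_allocate_iov()` may have replaced the header buffer, and after the `code != 0` check. A comment above it would keep a later cleanup from hoisting it back up, for example `/* header->buffer.value may have just been allocated above; take outbuf only after the size check */`. The same applies to the matching assignment added in the third hunk, on the path without confidentiality. With the early assignment removed in the first hunk, `outbuf` has no value until one of these two lines runs. Its declaration is outside the hunks, so if it has no initializer, `unsigned char *outbuf = NULL;` would make any future early use fail visibly instead of writing through an indeterminate pointer. The enclosing function starts and ends outside the visible hunks.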
@@ -205,6 +203,7 @@
             code = KRB5_BAD_MSIZE;
         if (code != 0)
             goto cleanup;
+        outbuf = (unsigned char *)header->buffer.value;
         header->buffer.length = (size_t) gss_headerlen;
 
         if (trailer != NULL) {



