svn rev #23040: trunk/src/plugins/preauth/encrypted_challenge/

Sun Oct 25 19:31:03 EDT 2009

http://src.mit.edu/fisheye/changelog/krb5/?cs=23040
Commit By: epeisach
Log Message:
kdc_return_preauth: Set enc.ciphertext.data to null to ensure we do
not try to free random stack garbage on error.




Changed Files:
U   trunk/src/plugins/preauth/encrypted_challenge/encrypted_challenge_main.c
Modified: trunk/src/plugins/preauth/encrypted_challenge/encrypted_challenge_main.c
===================================================================

--- trunk/src/plugins/preauth/encrypted_challenge/encrypted_challenge_main.c	2009-10-25 20:27:54 UTC (rev 23039)
+++ trunk/src/plugins/preauth/encrypted_challenge/encrypted_challenge_main.c	2009-10-25 23:31:02 UTC (rev 23040)
@@ -339,6 +339,8 @@
         return 0;
     * pa_request_context = NULL; /*this function will free the
                   * challenge key*/
+    enc.ciphertext.data = NULL; /* In case of error pass through */
+
     retval = krb5_us_timeofday(context, &ts.patimestamp, &ts.pausec);
     if (retval == 0)
         retval = kaccess.encode_enc_ts(&ts, &plain);


