svn rev #23706: branches/krb5-1-8/src/lib/gssapi/krb5/
tlyu@MIT.EDU
tlyu at MIT.EDU
Mon Feb 8 15:55:37 EST 2010
http://src.mit.edu/fisheye/changelog/krb5/?cs=23706
Commit By: tlyu
Log Message:
ticket: 6598
version_fixed: 1.8
status: resolved
pull up r23695 from trunk
------------------------------------------------------------------------
r23695 | tlyu | 2010-02-04 22:05:42 -0500 (Thu, 04 Feb 2010) | 8 lines
ticket: 6598
tags: pullup
target_version: 1.8
Apply patch from Arlene Berry to return a comparable static OID object
instead of the application-passed (probably dynamically allocated)
OID, to avoid use-after-free problems.
Changed Files:
U branches/krb5-1-8/src/lib/gssapi/krb5/init_sec_context.c
Modified: branches/krb5-1-8/src/lib/gssapi/krb5/init_sec_context.c
===================================================================
--- branches/krb5-1-8/src/lib/gssapi/krb5/init_sec_context.c 2010-02-08 20:55:34 UTC (rev 23705)
+++ branches/krb5-1-8/src/lib/gssapi/krb5/init_sec_context.c 2010-02-08 20:55:36 UTC (rev 23706)
@@ -979,12 +979,15 @@
err = 1;
}
} else if (g_OID_equal(mech_type, gss_mech_krb5)) {
+ mech_type = (gss_OID) gss_mech_krb5;
if (!cred->rfc_mech)
err = 1;
} else if (g_OID_equal(mech_type, gss_mech_krb5_old)) {
+ mech_type = (gss_OID) gss_mech_krb5_old;
if (!cred->prerfc_mech)
err = 1;
} else if (g_OID_equal(mech_type, gss_mech_krb5_wrong)) {
+ mech_type = (gss_OID) gss_mech_krb5_wrong;
if (!cred->rfc_mech)
err = 1;
} else {
More information about the cvs-krb5
mailing list