krb5 commit: Fix krb5_ldap_list_policy() filtering loop
ghudson at mit.edu
ghudson at mit.edu
Tue Nov 5 11:35:00 EST 2024
https://github.com/krb5/krb5/commit/0a23b0cd9466e8a7c6fb82fce185be6e0834ce26
commit 0a23b0cd9466e8a7c6fb82fce185be6e0834ce26
Author: Greg Hudson <ghudson at mit.edu>
Date: Sun Oct 27 19:01:51 2024 -0400
Fix krb5_ldap_list_policy() filtering loop
The loop at the end of this function is intended to ignore ticket
policy DNs that can't be converted to names. But it instead leaves a
hole in the output list if that happens, effectively truncating the
list and leaking any subsequent entries. Use the correct index for
the output list.
ticket: 9148 (new)
src/plugins/kdb/ldap/libkdb_ldap/ldap_tkt_policy.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/plugins/kdb/ldap/libkdb_ldap/ldap_tkt_policy.c b/src/plugins/kdb/ldap/libkdb_ldap/ldap_tkt_policy.c
index 01c9eebae..52f09497e 100644
--- a/src/plugins/kdb/ldap/libkdb_ldap/ldap_tkt_policy.c
+++ b/src/plugins/kdb/ldap/libkdb_ldap/ldap_tkt_policy.c
@@ -382,7 +382,7 @@ krb5_ldap_list_policy(krb5_context context, char *containerdn, char ***policy)
for (i = 0, j = 0; list[i] != NULL; i++, j++) {
int ret;
- ret = krb5_ldap_policydn_to_name (context, list[i], &(*policy)[i]);
+ ret = krb5_ldap_policydn_to_name (context, list[i], &(*policy)[j]);
if (ret != 0)
j--;
}
More information about the cvs-krb5
mailing list