[krbdev.mit.edu #7488] SVN Commit
Greg Hudson via RT
rt-comment at krbdev.mit.edu
Mon Dec 10 14:21:22 EST 2012
Fix various integer issues
In kdc_util.c and spnego_mech.c, error returns from ASN.1 length
functions could be ignored because they were assigned to unsigned
values. In spnego_mech.c, two buffer size checks could be rewritten
to reduce the likelihood of pointer overflow. In dump.c and
kdc_preauth.c, calloc() could be used to simplify the code and avoid
multiplication overflow. In pkinit_clnt.c, the wrong value was
checked for a null result from malloc(), and the code could be
simplified.
Reported by Nickolai Zeldovich <nickolai at csail.mit.edu>.
https://github.com/krb5/krb5/commit/d3c5450ddf0b20855e86dab41735d56c6860156b
Author: Greg Hudson <ghudson at mit.edu>
Commit: d3c5450ddf0b20855e86dab41735d56c6860156b
Branch: master
src/kadmin/dbutil/dump.c | 3 +-
src/kdc/kdc_preauth.c | 3 +-
src/kdc/kdc_util.c | 3 +-
src/lib/gssapi/spnego/spnego_mech.c | 6 ++--
src/plugins/preauth/pkinit/pkinit_clnt.c | 43 ++++++++---------------------
5 files changed, 19 insertions(+), 39 deletions(-)
More information about the krb5-bugs
mailing list