[krbdev.mit.edu #7825] git commit

Tom Yu via RT rt-comment at krbdev.mit.edu
Thu Jan 16 15:46:32 EST 2014


Avoid malloc(0) in SPNEGO get_input_token

If we read a zero-length token in spnego_mech.c's get_input_token(),
set the value pointer to NULL instead of calling malloc(0).

(cherry picked from commit 13fd26e1863c79f616653f6a10a58c01f65fceff)

https://github.com/krb5/krb5/commit/b7af394a49e73e7458e850eed8f037c624ac9938
Author: Greg Hudson <ghudson at mit.edu>
Committer: Tom Yu <tlyu at mit.edu>
Commit: b7af394a49e73e7458e850eed8f037c624ac9938
Branch: krb5-1.11
 src/lib/gssapi/spnego/spnego_mech.c |   15 +++++++++------
 1 files changed, 9 insertions(+), 6 deletions(-)



More information about the krb5-bugs mailing list