[krbdev.mit.edu #7915] git commit
Greg Hudson via RT
rt-comment at krbdev.mit.edu
Sat May 24 11:17:13 EDT 2014
Improve pointer hygiene around gss_display_name
GSSAPI functions are responsible for setting their output parameters
on failure. Take greater care to do so in krb5_gss_display_name.
The mechglue is generally defensive about initializing variables used
as outputs, and not assuming that mechs will set them on failure.
Make gssint_convert_name_to_union_name initialize
union_name->external_name before calling mech->gss_display_name, so
that if the mech's gss_display_name doesn't touch it, we don't free an
uninitialized pointer.
Either one of these changes prevents an unlikely memory bug which
could occur if krb5_gss_init_context fails within
krb5_gss_display_name when called from
gssint_convert_name_to_union_name.
https://github.com/krb5/krb5/commit/0bf18fd4363f9f1244688daac224bd456bf52e7f
Author: Greg Hudson <ghudson at mit.edu>
Commit: 0bf18fd4363f9f1244688daac224bd456bf52e7f
Branch: master
src/lib/gssapi/krb5/disp_name.c | 8 +++++---
src/lib/gssapi/mechglue/g_glue.c | 2 ++
2 files changed, 7 insertions(+), 3 deletions(-)
More information about the krb5-bugs
mailing list