[krbdev.mit.edu #7917] git commit
Greg Hudson via RT
rt-comment at krbdev.mit.edu
Sat May 24 22:30:11 EDT 2014
Properly handle PKCS11 label in PKINIT
The CK_TOKEN_INFO label field is defined to be zero-filled, but it may
not be zero-terminated if all bytes of the field are used. Use only
length-counted operations to process it. Also avoid underrunning the
buffer pointer if the label is empty or contains only whitespace.
https://github.com/krb5/krb5/commit/f8b42ef541a463f56720ec9358dd07716b04c5e2
Author: Greg Hudson <ghudson at mit.edu>
Commit: f8b42ef541a463f56720ec9358dd07716b04c5e2
Branch: master
src/plugins/preauth/pkinit/pkinit_crypto_openssl.c | 28 ++++++++++++-------
1 files changed, 18 insertions(+), 10 deletions(-)
More information about the krb5-bugs
mailing list