[krbdev.mit.edu #8017] git commit
Tom Yu via RT
rt-comment at krbdev.mit.edu
Mon Sep 22 17:29:07 EDT 2014
Fix krb5 gss_acquire_cred_impersonate_name crash

If gss_acquire_cred_impersonate_name is called using an
impersonator_cred_handle acquired with GSS_C_ACCEPT, we could
dereference null fields of the cred handle and crash. Fix this by
checking the impersonator_cred_handle usage and returning
GSS_S_NO_CRED if it isn't what we expect, just as we do in
init_sec_context.

Based on a patch from Solly Ross <sross at redhat.com>.

(cherry picked from commit 17689700b27c6fb6d26156330d11b57ef79385d3)

https://github.com/krb5/krb5/commit/3b30c09bf48b9a2ec943e43573a882b1f0f545d2
Author: Greg Hudson <ghudson at mit.edu>
Committer: Tom Yu <tlyu at mit.edu>
Commit: 3b30c09bf48b9a2ec943e43573a882b1f0f545d2
Branch: krb5-1.13

src/lib/gssapi/krb5/s4u_gss_glue.c | 10 ++++++++--
1 files changed, 8 insertions(+), 2 deletions(-)
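
The usage check described in the commit message, as an added C model that is not the krb5 source and not part of the original message. `struct model_cred`, `model_acquire` and `model_impersonate` are hypothetical stand-ins, the names and paths are constructed, and treating GSS_C_INITIATE or GSS_C_BOTH as the expected usage is an assumption; the constant values follow RFC 2744.

```c
#include <stdio.h>
#include <string.h>

/* Constant values as defined by the GSS-API C bindings (RFC 2744). */
#define GSS_C_BOTH     0
#define GSS_C_INITIATE 1
#define GSS_C_ACCEPT   2
#define GSS_S_COMPLETE 0u
#define GSS_S_NO_CRED  (7u << 16)

/* Hypothetical cred handle: initiator fields stay NULL when accept-only. */
struct model_cred {
    int usage;
    const char *client_name;  /* NULL unless usage includes initiate */
    const char *keytab_name;  /* NULL unless usage includes accept */
};

/* Constructed acquire step that fills only the fields the usage needs. */
static struct model_cred model_acquire(int usage)
{
    struct model_cred c = { usage, NULL, NULL };
    if (usage != GSS_C_ACCEPT)
        c.client_name = "svc/host@EXAMPLE.COM";      /* constructed */
    if (usage != GSS_C_INITIATE)
        c.keytab_name = "FILE:/constructed/keytab";  /* constructed */
    return c;
}

/* Impersonation entry point: check usage before reading initiator fields. */
static unsigned model_impersonate(const struct model_cred *imp,
                                  const char *user, char *out, size_t len)
{
    /* No handle, or accept-only (client_name is NULL): refuse early. */
    if (imp == NULL || (imp->usage != GSS_C_INITIATE && imp->usage != GSS_C_BOTH))
        return GSS_S_NO_CRED;
    snprintf(out, len, "%s via %s", user, imp->client_name);
    return GSS_S_COMPLETE;
}

int main(void)
{
    char buf[128] = "";
    struct model_cred acc = model_acquire(GSS_C_ACCEPT);
    struct model_cred ini = model_acquire(GSS_C_INITIATE);
    unsigned r1 = model_impersonate(&acc, "alice", buf, sizeof buf);
    unsigned r2 = model_impersonate(&ini, "alice", buf, sizeof buf);
    printf("accept-only: 0x%x\ninitiate: 0x%x (%s)\n", r1, r2, buf);
    return 0;
}
```

Without the usage test, the accept-only handle would reach the `snprintf` call with a NULL `client_name`, which is the null-field dereference the message refers to.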