[krbdev.mit.edu #8303] git commit
Tom Yu via RT
rt-comment at krbdev.mit.edu
Wed Dec 9 15:26:47 EST 2015
Tolerate null oid pointer in gss_release_oid()
Under some circumstances, gss_inquire_name() can call
gss_release_oid() with a null oid pointer, which currently causes a
null dereference. The least invasive fix is for gss_release_oid() to
check for the invalid null pointer and return an error, like other
GSS-API functions do.
(cherry picked from commit 4676e823e6ee9a5731872b31c5588c1b5932e0a3)
https://github.com/krb5/krb5/commit/fab95cde1f691ce6becc69bf013e2883d2213c03
Author: Greg Hudson <ghudson at mit.edu>
Committer: Tom Yu <tlyu at mit.edu>
Commit: fab95cde1f691ce6becc69bf013e2883d2213c03
Branch: krb5-1.12
src/lib/gssapi/mechglue/g_initialize.c | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
More information about the krb5-bugs
mailing list