[krbdev.mit.edu #8334] git commit
Tom Yu via RT
rt-comment at krbdev.mit.edu
Fri Jan 8 17:16:17 EST 2016
Check context handle in gss_export_sec_context()
After commit 4f35b27a9ee38ca0b557ce8e6d059924a63d4eff, the
context_handle parameter in gss_export_sec_context() is dereferenced
before arguments are validated by val_exp_sec_ctx_args(). With a null
context_handle, the new code segfaults instead of failing gracefully.
Revert this part of the commit and only dereference context_handle if
it is non-null.
(cherry picked from commit b6f29cbd2ab132e336b5435447348400e9a9e241)
https://github.com/krb5/krb5/commit/b77b952da9ab4bbdb6430f102c0338166a99646c
Author: Tomas Kuthan <tkuthan at gmail.com>
Committer: Tom Yu <tlyu at mit.edu>
Commit: b77b952da9ab4bbdb6430f102c0338166a99646c
Branch: krb5-1.13
src/lib/gssapi/mechglue/g_exp_sec_context.c | 5 +++--
1 files changed, 3 insertions(+), 2 deletions(-)
More information about the krb5-bugs
mailing list