[krbdev.mit.edu #8415] git commit
Tom Yu via RT
rt-comment at krbdev.mit.edu
Wed Jul 6 16:32:56 EDT 2016
Check princ length in krb5_sname_match()
krb5_sname_match() can read past the end of princ's component array in
some circumstances (typically when a keytab contains both "x" and
"x/y" principals). Add a length check. Reported by Spencer Jackson.
(cherry picked from commit fb9fcfa92fd37221c77e1a4c0b930383e6839e22)
https://github.com/krb5/krb5/commit/685cb577890bc565ab122bc65027e177c180e12f
Author: Greg Hudson <ghudson at mit.edu>
Committer: Tom Yu <tlyu at mit.edu>
Commit: 685cb577890bc565ab122bc65027e177c180e12f
Branch: krb5-1.13
src/lib/krb5/krb/sname_match.c | 3 +++
1 files changed, 3 insertions(+), 0 deletions(-)
More information about the krb5-bugs
mailing list