[krbdev.mit.edu #8481] git commit
Tom Yu via RT
rt-comment at krbdev.mit.edu
Fri Sep 2 17:04:37 EDT 2016
Improve checking of decoded DB2 principal values
In krb5_decode_princ_entry(), verify the length of the principal name
before calling krb5_parse_name() or strlen(), to avoid a possible
buffer read overrun. Check all length fields for negative values.
Avoid performing arithmetic as part of bounds checks. If the value of
key_data_ver is unexpected, return KRB5_KDB_BAD_VERSION instead of
aborting.
(cherry picked from commit e3d9f03a658e247dbb43cb345aa93a28782fd995)
https://github.com/krb5/krb5/commit/c0ecbfbac487fc532487f084332739edd91af76d
Author: Greg Hudson <ghudson at mit.edu>
Committer: Tom Yu <tlyu at mit.edu>
Commit: c0ecbfbac487fc532487f084332739edd91af76d
Branch: krb5-1.14
src/plugins/kdb/db2/kdb_xdr.c | 39 +++++++++++++++++++++++++--------------
1 files changed, 25 insertions(+), 14 deletions(-)
More information about the krb5-bugs
mailing list