[krbdev.mit.edu #9022] git commit
Greg Hudson via RT
rt at krbdev.mit.edu
Wed Aug 25 18:03:26 EDT 2021
<URL: https://krbdev.mit.edu/rt/Ticket/Display.html?id=9022 >
Add more dump.c bounds checks
Although dump files are privileged inputs, the code to read them
should not admit integer overflows. Add bounds checks for several
fields which are used as allocation lengths or are assigned to
structure fields of smaller size and different signedness. Reported
by Sharwan Ram and Kihong Keo.
https://github.com/krb5/krb5/commit/d15930bec22781473c2eaf72c08a145508b373ba
Author: Greg Hudson <ghudson at mit.edu>
Commit: d15930bec22781473c2eaf72c08a145508b373ba
Branch: master
src/kadmin/dbutil/dump.c | 14 +++++++++++++-
1 files changed, 13 insertions(+), 1 deletions(-)
More information about the krb5-bugs
mailing list