[krbdev.mit.edu #9175] git commit
Greg Hudson via RT
rt at krbdev.mit.edu
Wed Jul 16 12:22:21 EDT 2025
<URL: https://krbdev.mit.edu/rt/Ticket/Display.html?id=9175 >
Avoid undefined memcpy in asn1_encode.c
The C standard specifies that passing null pointers to most standard
library functions results in undefined behavior (C99 7.1.4). This
applies to memcpy() even when the length is 0. insert_bytes() in
asn1_encode.c may be called with a null pointer from an empty
krb5_data or other counted value in a structure to be encoded. Do not
call memcpy() in this case.
Reported by Kirill Furman.
https://github.com/krb5/krb5/commit/4b4a720cacec8827c9b3f65b4920ac1b0075f38e
Author: Greg Hudson <ghudson at mit.edu>
Commit: 4b4a720cacec8827c9b3f65b4920ac1b0075f38e
Branch: master
src/lib/krb5/asn.1/asn1_encode.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
More information about the krb5-bugs
mailing list