[krbdev.mit.edu #9224] git commit

Greg Hudson via RT rt-comment at krbdev.mit.edu
Wed Jul 15 16:30:26 EDT 2026


Wed Jul 15 16:30:26 2026: Request 9224 was acted upon.
 Transaction: Ticket created by ghudson at mit.edu
       Queue: krb5
     Subject: git commit
       Owner: ghudson at mit.edu
  Requestors: 
      Status: new
 Ticket <URL: https://krbdev.mit.edu/rt/Ticket/Display.html?id=9224 >



Prevent integer overrun in keytab parsing

In krb5_ktfileint_internal_read_entry(), once we have read the size
and determined the starting point of a keytab record, bounds-check the
size to prevent an integer overflow when we seek to the next record.

(Discovered by OSS-Fuzz.)

https://github.com/krb5/krb5/commit/c5629fdffee70a296429d580a890e21c6fa17665
Author: Greg Hudson <ghudson at mit.edu>
Commit: c5629fdffee70a296429d580a890e21c6fa17665
Branch: master
 src/lib/krb5/keytab/kt_file.c                      |   2 ++
 src/tests/fuzzing/fuzz_keytab_seed_corpus/big_size | Bin 0 -> 28 bytes
 2 files changed, 2 insertions(+)



More information about the krb5-bugs mailing list