[krbdev.mit.edu #9224] git commit
Greg Hudson via RT
rt-comment at krbdev.mit.edu
Wed Jul 15 16:30:26 EDT 2026
Wed Jul 15 16:30:26 2026: Request 9224 was acted upon.
Transaction: Ticket created by ghudson at mit.edu
Queue: krb5
Subject: git commit
Owner: ghudson at mit.edu
Requestors:
Status: new
Ticket <URL: https://krbdev.mit.edu/rt/Ticket/Display.html?id=9224 >
Prevent integer overrun in keytab parsing
In krb5_ktfileint_internal_read_entry(), once we have read the size
and determined the starting point of a keytab record, bounds-check the
size to prevent an integer overflow when we seek to the next record.
(Discovered by OSS-Fuzz.)
https://github.com/krb5/krb5/commit/c5629fdffee70a296429d580a890e21c6fa17665
Author: Greg Hudson <ghudson at mit.edu>
Commit: c5629fdffee70a296429d580a890e21c6fa17665
Branch: master
src/lib/krb5/keytab/kt_file.c | 2 ++
src/tests/fuzzing/fuzz_keytab_seed_corpus/big_size | Bin 0 -> 28 bytes
2 files changed, 2 insertions(+)
More information about the krb5-bugs
mailing list