MITKRB5-SA-2007-005: kadmind vulnerable to buffer overflow
Mike Friedman
mikef at ack.berkeley.edu
Wed Jun 27 16:44:32 EDT 2007
On Wed, 27 Jun 2007 at 13:33 (-0700), Russ Allbery wrote:
> There's a minor error in my patch in that I replaced:
>
> ((ret.code == 0) ? "success" : error_message(ret.code))
>
> with a simple
>
> error_message(ret.code)
>
> inadvertently. The modification is in the previous message, but the
> quoting wasn't changed so it's a bit hard to see.

Russ,

I see now. Because of line wrapping in my email, it was even harder for
me to see what Lee was correcting. Now I get it.

> This change makes no difference on Linux, since on Linux strerror(0)
> returns "Success" anyway. It may be significant on other platforms.

My KDC is on Solaris, so I'd like to be careful here.

Thanks.

Mike
_________________________________________________________________________
Mike Friedman Information Services & Technology
mikef at ack.Berkeley.EDU 2484 Shattuck Avenue
1-510-642-1410 University of California at Berkeley
http://socrates.berkeley.edu/~mikef http://ist.berkeley.edu
_________________________________________________________________________