03254981cb
- update to version 1.12
* Add GSSAPI extensions for constructing MIC tokens using IOV lists
* Add a FAST OTP preauthentication module for the KDC which uses
RADIUS to validate OTP token values.
* The AES-based encryption types will use AES-NI instructions
when possible for improved performance.
- revert dependency on libcom_err-mini-devel since it's not yet
available
- update and rebase patches
OBS-URL: https://build.opensuse.org/request/show/213903
OBS-URL: https://build.opensuse.org/package/show/network/krb5?expand=0&rev=114
40 lines
1.2 KiB
Diff
40 lines
1.2 KiB
Diff
commit 13fd26e1863c79f616653f6a10a58c01f65fceff
|
|
Author: Greg Hudson <ghudson@mit.edu>
|
|
Date: Fri Dec 6 18:56:56 2013 -0500
|
|
|
|
Avoid malloc(0) in SPNEGO get_input_token
|
|
|
|
If we read a zero-length token in spnego_mech.c's get_input_token(),
|
|
set the value pointer to NULL instead of calling malloc(0).
|
|
|
|
ticket: 7794 (new)
|
|
|
|
diff --git a/src/lib/gssapi/spnego/spnego_mech.c b/src/lib/gssapi/spnego/spnego_mech.c
|
|
index 24c3440..3937662 100644
|
|
--- a/src/lib/gssapi/spnego/spnego_mech.c
|
|
+++ b/src/lib/gssapi/spnego/spnego_mech.c
|
|
@@ -3140,14 +3140,17 @@ get_input_token(unsigned char **buff_in, unsigned int buff_length)
|
|
return (NULL);
|
|
|
|
input_token->length = len;
|
|
- input_token->value = gssalloc_malloc(input_token->length);
|
|
+ if (input_token->length > 0) {
|
|
+ input_token->value = gssalloc_malloc(input_token->length);
|
|
+ if (input_token->value == NULL) {
|
|
+ free(input_token);
|
|
+ return (NULL);
|
|
+ }
|
|
|
|
- if (input_token->value == NULL) {
|
|
- free(input_token);
|
|
- return (NULL);
|
|
+ memcpy(input_token->value, *buff_in, input_token->length);
|
|
+ } else {
|
|
+ input_token->value = NULL;
|
|
}
|
|
-
|
|
- (void) memcpy(input_token->value, *buff_in, input_token->length);
|
|
*buff_in += input_token->length;
|
|
return (input_token);
|
|
}
|