SHA256
1
0
forked from pool/krb5
krb5/krb5-1.6-fix-CVE-2007-5902.dif

14 lines
428 B
Plaintext
Raw Normal View History

Index: src/lib/rpc/svc_auth_gss.c
===================================================================
--- src/lib/rpc/svc_auth_gss.c.orig
+++ src/lib/rpc/svc_auth_gss.c
@@ -671,7 +671,7 @@ svcauth_gss_get_principal(SVCAUTH *auth)
gd = SVCAUTH_PRIVATE(auth);
- if (gd->cname.length == 0)
+ if (gd->cname.length == 0 || gd->cname.length >= SIZE_MAX)
return (NULL);
if ((pname = malloc(gd->cname.length + 1)) == NULL)