[prev in list] [next in list] [prev in thread] [next in thread]
List: krb5-bugs
Subject: [krbdev.mit.edu #7948] git commit
From: "Tom Yu via RT" <rt-comment () krbdev ! mit ! edu>
Date: 2014-06-27 18:52:04
Message-ID: rt-7948-40993.8.00730323495621 () krbdev ! mit ! edu
[Download RAW message or body]
Fix unlikely null dereference in mk_cred()
If krb5_encrypt_keyhelper() returns an error, the ciphertext structure
may contain a non-zero length, but it will already have freed the
pointer to its data, making encrypt_credencpart()'s subsequent attempt
to clear and free the memory fail. Remove that logic.
Based on a patch from Jatin Nansi.
(cherry picked from commit 476284de8dc9a52b5544445cb1b316a417ae88f0)
https://github.com/krb5/krb5/commit/e5bb07c9eb7ddb3cc575dfa238748f7227f1fdd2
Author: Nalin Dahyabhai <nalin@redhat.com>
Committer: Tom Yu <tlyu@mit.edu>
Commit: e5bb07c9eb7ddb3cc575dfa238748f7227f1fdd2
Branch: krb5-1.12
src/lib/krb5/krb/mk_cred.c | 7 -------
1 files changed, 0 insertions(+), 7 deletions(-)
_______________________________________________
krb5-bugs mailing list
krb5-bugs@mit.edu
https://mailman.mit.edu/mailman/listinfo/krb5-bugs
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic