[prev in list] [next in list] [prev in thread] [next in thread]
List: krb5-cvs
Subject: krb5 commit [krb5-1.13]: Check for null name_type in gss_display_name_ext
From: Tom Yu <tlyu () mit ! edu>
Date: 2015-09-16 21:27:30
Message-ID: 201509162127.t8GLRUJH029431 () drugstore ! mit ! edu
[Download RAW message or body]
https://github.com/krb5/krb5/commit/ed0bb3902e1bea38bee829d37c7d4eaa5e4f2263
commit ed0bb3902e1bea38bee829d37c7d4eaa5e4f2263
Author: Solly Ross <sross@redhat.com>
Date: Thu Aug 27 15:55:35 2015 -0400
Check for null name_type in gss_display_name_ext
It is possible for the input name's name_type to be GSS_C_NO_OID.
g_OID_equal() does not account for GSS_C_NO_OID, so we have to
manually check before use to prevent null pointer dereferences.
(cherry picked from commit 3fdf09ac9a36581b47f40c9d177e463cc12687ff)
ticket: 8238
version_fixed: 1.13.3
status: resolved
src/lib/gssapi/mechglue/g_dsp_name_ext.c | 4 +++-
1 files changed, 3 insertions(+), 1 deletions(-)
diff --git a/src/lib/gssapi/mechglue/g_dsp_name_ext.c b/src/lib/gssapi/mechglue/g_dsp_name_ext.c
index 14326a3..be08dd1 100644
--- a/src/lib/gssapi/mechglue/g_dsp_name_ext.c
+++ b/src/lib/gssapi/mechglue/g_dsp_name_ext.c
@@ -94,6 +94,7 @@ gss_display_name_ext (OM_uint32 *minor_status,
status = GSS_S_BAD_NAME;
else if (mech->gss_display_name_ext == NULL) {
if (mech->gss_display_name != NULL &&
+ union_name->name_type != GSS_C_NO_OID &&
g_OID_equal(display_as_name_type, union_name->name_type)) {
status = (*mech->gss_display_name)(minor_status,
union_name->mech_name,
@@ -114,7 +115,8 @@ gss_display_name_ext (OM_uint32 *minor_status,
return status;
}
- if (!g_OID_equal(display_as_name_type, union_name->name_type))
+ if (union_name->name_type == GSS_C_NO_OID ||
+ !g_OID_equal(display_as_name_type, union_name->name_type))
return GSS_S_UNAVAILABLE;
if ((output_name_buffer->value =
_______________________________________________
cvs-krb5 mailing list
cvs-krb5@mit.edu
https://mailman.mit.edu/mailman/listinfo/cvs-krb5
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic