calculate
/
gentoo-overlay
6
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '118e9e63c1'
${ noResults }
gentoo-overlay/app-crypt/mit-krb5/files/CVE-2011-0285.patch

40 lines
1.1 KiB
Raw Blame History

diff --git a/src/kadmin/server/schpw.c b/src/kadmin/server/schpw.c
index 1124445..0056885 100644
--- a/src/kadmin/server/schpw.c
+++ b/src/kadmin/server/schpw.c
@@ -52,6 +52,7 @@ process_chpw_request(context, server_handle, realm, keytab,
ret = 0;
rep->length = 0;
+ rep->data = NULL;
auth_context = NULL;
changepw = NULL;
@@ -76,8 +77,13 @@ process_chpw_request(context, server_handle, realm, keytab,
plen = (*ptr++ & 0xff);
plen = (plen<<8) | (*ptr++ & 0xff);
- if (plen != req->length)
- return(KRB5KRB_AP_ERR_MODIFIED);
+ if (plen != req->length) {
+ ret = KRB5KRB_AP_ERR_MODIFIED;
+ numresult = KRB5_KPASSWD_MALFORMED;
+ strlcpy(strresult, "Request length was inconsistent",
+ sizeof(strresult));
+ goto chpwfail;
+ }
/* verify version number */
@@ -531,6 +537,10 @@ cleanup:
if (local_kaddrs != NULL)
krb5_free_addresses(server_handle->context, local_kaddrs);
+ if ((*response)->data == NULL) {
+ free(*response);
+ *response = NULL;
+ }
krb5_kt_close(server_handle->context, kt);
return ret;
Reference in new issue View Git Blame Copy Permalink