[28666] in CVS-changelog-for-Kerberos-V5
krb5 commit [krb5-1.13]: Use gssalloc_malloc for GSS error tokens
daemon@ATHENA.MIT.EDU (Tom Yu)
Tue Dec 16 14:25:50 2014
Date: Tue, 16 Dec 2014 14:25:42 -0500
From: Tom Yu <tlyu@mit.edu>
Message-Id: <201412161925.sBGJPghj019808@drugstore.mit.edu>
To: cvs-krb5@mit.edu
Reply-To: krbdev@mit.edu
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: cvs-krb5-bounces@mit.edu
https://github.com/krb5/krb5/commit/9443dd349fccd3b4a72551a99a91cd6c8296bc55
commit 9443dd349fccd3b4a72551a99a91cd6c8296bc55
Author: Greg Hudson <ghudson@mit.edu>
Date: Tue Oct 7 20:22:52 2014 -0400
Use gssalloc_malloc for GSS error tokens
In kg_accept_krb5, use gssalloc_malloc when allocating space for the
error token, since it will be freed with gssalloc_free. Using malloc
can cause heap corruption on Windows. This bug was masked by #1445
before 1.12.
(cherry picked from commit 68cfc8b4e6338b78dce5a960ce47974a73906fac)
ticket: 8024
version_fixed: 1.13.1
status: resolved
src/lib/gssapi/krb5/accept_sec_context.c | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/src/lib/gssapi/krb5/accept_sec_context.c b/src/lib/gssapi/krb5/accept_sec_context.c
index 45e1841..014d24b 100644
--- a/src/lib/gssapi/krb5/accept_sec_context.c
+++ b/src/lib/gssapi/krb5/accept_sec_context.c
@@ -1243,7 +1243,7 @@ fail:
toktype = KG_TOK_CTX_ERROR;
token.length = g_token_size(mech_used, tmsglen);
- token.value = (unsigned char *) xmalloc(token.length);
+ token.value = gssalloc_malloc(token.length);
if (!token.value)
goto done;
_______________________________________________
cvs-krb5 mailing list
cvs-krb5@mit.edu
https://mailman.mit.edu/mailman/listinfo/cvs-krb5