[29426] in CVS-changelog-for-Kerberos-V5
krb5 commit: Fix unlikely pointer error in get_in_tkt.c
daemon@ATHENA.MIT.EDU (Greg Hudson)
Tue May 31 21:49:04 2016
Date: Tue, 31 May 2016 21:48:49 -0400
From: Greg Hudson <ghudson@mit.edu>
Message-Id: <201606010148.u511mneA031555@drugstore.mit.edu>
To: cvs-krb5@mit.edu
Reply-To: krbdev@mit.edu
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: cvs-krb5-bounces@mit.edu
https://github.com/krb5/krb5/commit/24452cd737951fa6e0f35e97c6a644a9db0aa82d
commit 24452cd737951fa6e0f35e97c6a644a9db0aa82d
Author: Greg Hudson <ghudson@mit.edu>
Date: Mon May 9 13:45:06 2016 -0400
Fix unlikely pointer error in get_in_tkt.c
In add_padata(), reset the caller's pointer and ensure the list is
terminated as soon as realloc() succeeds; otherwise, the old pointer
could be left behind if a later allocation fails.
ticket: 8413 (new)
target_version: 1.14-next
target_version: 1.13-next
tags: pullup
src/lib/krb5/krb/get_in_tkt.c | 6 +++---
1 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/src/lib/krb5/krb/get_in_tkt.c b/src/lib/krb5/krb/get_in_tkt.c
index 37f29cc..24cd970 100644
--- a/src/lib/krb5/krb/get_in_tkt.c
+++ b/src/lib/krb5/krb/get_in_tkt.c
@@ -344,10 +344,11 @@ add_padata(krb5_pa_data ***padptr, krb5_preauthtype pa_type,
if (pad)
for (size=0; pad[size]; size++);
pad = realloc(pad, sizeof(*pad)*(size+2));
-
if (pad == NULL)
return ENOMEM;
- pad[size+1] = NULL;
+ *padptr = pad;
+ pad[size] = pad[size + 1] = NULL;
+
pa = malloc(sizeof(krb5_pa_data));
if (pa == NULL)
return ENOMEM;
@@ -363,7 +364,6 @@ add_padata(krb5_pa_data ***padptr, krb5_preauthtype pa_type,
}
pa->pa_type = pa_type;
pad[size] = pa;
- *padptr = pad;
return 0;
}
_______________________________________________
cvs-krb5 mailing list
cvs-krb5@mit.edu
https://mailman.mit.edu/mailman/listinfo/cvs-krb5