[29446] in CVS-changelog-for-Kerberos-V5
krb5 commit: Filter CAMMAC authdata by module->ad_type
daemon@ATHENA.MIT.EDU (Greg Hudson)
Wed Jun 22 12:46:01 2016
Date: Wed, 22 Jun 2016 12:45:56 -0400
From: Greg Hudson <ghudson@mit.edu>
Message-Id: <201606221645.u5MGjurK022048@drugstore.mit.edu>
To: cvs-krb5@mit.edu
Reply-To: krbdev@mit.edu
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: cvs-krb5-bounces@mit.edu
https://github.com/krb5/krb5/commit/7df4aec92aebabaaf14de9de062f526228e65f48
commit 7df4aec92aebabaaf14de9de062f526228e65f48
Author: Matt Rogers <mrogers@redhat.com>
Date: Wed Jun 22 10:29:43 2016 -0400
Filter CAMMAC authdata by module->ad_type
Also, do not leak cammac_authdata.
[ghudson@mit.edu: also fix two sizeof() expressions]
ticket: 8425
src/lib/krb5/krb/authdata.c | 11 ++++++++---
1 files changed, 8 insertions(+), 3 deletions(-)
diff --git a/src/lib/krb5/krb/authdata.c b/src/lib/krb5/krb/authdata.c
index b5cb788..c56f7bc 100644
--- a/src/lib/krb5/krb/authdata.c
+++ b/src/lib/krb5/krb/authdata.c
@@ -561,13 +561,13 @@ extract_cammacs(krb5_context kcontext, krb5_authdata **cammacs,
/* Add the verified elements to list and free the container array. */
for (n_elements = 0; elements[n_elements] != NULL; n_elements++);
- new_list = realloc(list, (count + n_elements + 1) * sizeof(list));
+ new_list = realloc(list, (count + n_elements + 1) * sizeof(*list));
if (new_list == NULL) {
ret = ENOMEM;
goto cleanup;
}
list = new_list;
- memcpy(list + count, elements, n_elements * sizeof(list));
+ memcpy(list + count, elements, n_elements * sizeof(*list));
count += n_elements;
list[count] = NULL;
free(elements);
@@ -657,7 +657,11 @@ krb5int_authdata_verify(krb5_context kcontext,
}
if (cammac_authdata != NULL && (module->flags & AD_CAMMAC_PROTECTED)) {
- authdata = cammac_authdata;
+ code = krb5_find_authdata(kcontext, cammac_authdata, NULL,
+ module->ad_type, &authdata);
+ if (code)
+ break;
+
kdc_issued_flag = TRUE;
}
@@ -715,6 +719,7 @@ krb5int_authdata_verify(krb5_context kcontext,
cleanup:
krb5_free_principal(kcontext, kdc_issuer);
krb5_free_authdata(kcontext, kdc_issued_authdata);
+ krb5_free_authdata(kcontext, cammac_authdata);
return code;
}
_______________________________________________
cvs-krb5 mailing list
cvs-krb5@mit.edu
https://mailman.mit.edu/mailman/listinfo/cvs-krb5