[16094] in Kerberos-V5-bugs

home help back first fref pref prev next nref lref last post

[krbdev.mit.edu #8726] Directly dereference the pointer certname

daemon@ATHENA.MIT.EDU (Bean Zhang via RT)
Fri Aug 10 10:57:31 2018

Mail-followup-to: rt@krbdev.mit.edu
mail-copies-to: never
From: "Bean Zhang via RT" <rt-comment@KRBDEV-PROD-APP-1.mit.edu>
In-Reply-To: <rt-8726@krbdev.mit.edu>
Message-ID: <rt-8726-48744.17.8844133672215@krbdev.mit.edu>
To: "'AdminCc of krbdev.mit.edu Ticket #8726'":;
Date: Fri, 10 Aug 2018 10:57:21 -0400 (EDT)
Reply-To: rt-comment@KRBDEV-PROD-APP-1.mit.edu
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: krb5-bugs-bounces@mit.edu

Hi Team,

In parse_fs_options() of krb5-1.16.1/src/plugins/preauth/pkinit/pkinit_identity.c,
After calling strtok_r() to assign pointer certname,
we directly dereference it without checking if it is valid.

We should add pointer validity checking for certname after assigning.

Could someone help to take a look?

Thanks,
Bean

_______________________________________________
krb5-bugs mailing list
krb5-bugs@mit.edu
https://mailman.mit.edu/mailman/listinfo/krb5-bugs

home help back first fref pref prev next nref lref last post