[28719] in CVS-changelog-for-Kerberos-V5


krb5 commit [krb5-1.13]: Avoid uninitialized data in t_prf.c

daemon@ATHENA.MIT.EDU (Tom Yu)
Wed Feb 4 18:14:23 2015

Date: Wed, 4 Feb 2015 18:14:17 -0500
From: Tom Yu <tlyu@mit.edu>
Message-Id: <201502042314.t14NEHph014313@drugstore.mit.edu>
To: cvs-krb5@mit.edu
Reply-To: krbdev@mit.edu
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: cvs-krb5-bounces@mit.edu

https://github.com/krb5/krb5/commit/702e628200d158f9cfd86ba4754657753c952fd1
commit 702e628200d158f9cfd86ba4754657753c952fd1
Author: Tom Yu <tlyu@mit.edu>
Date:   Wed Feb 4 17:01:14 2015 -0500

    Avoid uninitialized data in t_prf.c
    
    In t_prf.c, make sure that the partially initialized, faked-up
    structures gss_union_ctx_id_desc and krb5_gss_ctx_id_rec are zeroed.
    This avoids uninitialized reads in gss_pseudo_random(), which can
    cause intermittent test failures on some platforms.
    
    (cherry picked from commit b5143bdc766ad4819355ac2cd52f685ec5dafa16)
    
    ticket: 8072
    version_fixed: 1.13.1
    status: resolved

 src/tests/gssapi/t_prf.c |    2 ++
 1 files changed, 2 insertions(+), 0 deletions(-)

diff --git a/src/tests/gssapi/t_prf.c b/src/tests/gssapi/t_prf.c
index 7f04899..082edff 100644
--- a/src/tests/gssapi/t_prf.c
+++ b/src/tests/gssapi/t_prf.c
@@ -124,8 +124,10 @@ main(int argc, char *argv[])
      * implementation.
      */
     context = (gss_ctx_id_t)&uctx;
+    memset(&uctx, 0, sizeof(uctx));
     uctx.mech_type = &mech_krb5;
     uctx.internal_ctx_id = (gss_ctx_id_t)&kgctx;
+    memset(&kgctx, 0, sizeof(kgctx));
     kgctx.k5_context = NULL;
     kgctx.established = 1;
     kgctx.have_acceptor_subkey = 1;
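
Review bot: The two memset() calls are interleaved with the field assignments (the kgctx one sits after `uctx.internal_ctx_id = (gss_ctx_id_t)&kgctx;`). That is correct as written, since only the address of kgctx is taken before it is zeroed, but the ordering is fragile: a later edit that stores to a field above either memset() would be silently wiped. Consider zeroing both structures together ahead of `context = (gss_ctx_id_t)&uctx;`, or at their declarations, so that zeroing visibly precedes every store. The explicit `kgctx.k5_context = NULL;` after the memset() is worth keeping, because the C standard does not guarantee that all-bits-zero is a null pointer. A one-line comment noting that the remaining fields are intentionally left zero for gss_pseudo_random() would document the intent.
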
_______________________________________________
cvs-krb5 mailing list
cvs-krb5@mit.edu
https://mailman.mit.edu/mailman/listinfo/cvs-krb5
