[29389] in CVS-changelog-for-Kerberos-V5
krb5 commit: Fix krb5_def_fetch_mkey_list() segfault
daemon@ATHENA.MIT.EDU (Greg Hudson)
Fri Apr 22 15:00:41 2016
Date: Fri, 22 Apr 2016 15:00:37 -0400
From: Greg Hudson <ghudson@mit.edu>
Message-Id: <201604221900.u3MJ0b28019965@drugstore.mit.edu>
To: cvs-krb5@mit.edu
Reply-To: krbdev@mit.edu
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: cvs-krb5-bounces@mit.edu
https://github.com/krb5/krb5/commit/83494605b2dd594ab33f9b3cfa5abc82cf0f9e92
commit 83494605b2dd594ab33f9b3cfa5abc82cf0f9e92
Author: Matt Rogers <mrogers@redhat.com>
Date: Fri Apr 15 17:27:36 2016 -0400
Fix krb5_def_fetch_mkey_list() segfault
Return KRB5_KDB_NOMASTERKEY if K/M contains no key data, instead of
blindly dereferencing the first key data element.
ticket: 8395 (new)
target_version: 1.14-next
target_version: 1.13-next
tags: pullup
src/lib/kdb/kdb_default.c | 5 +++++
1 files changed, 5 insertions(+), 0 deletions(-)
diff --git a/src/lib/kdb/kdb_default.c b/src/lib/kdb/kdb_default.c
index 416f7d7..ebda9d6 100644
--- a/src/lib/kdb/kdb_default.c
+++ b/src/lib/kdb/kdb_default.c
@@ -445,6 +445,11 @@ krb5_def_fetch_mkey_list(krb5_context context,
if (retval)
return (retval);
+ if (master_entry->n_key_data == 0) {
+ retval = KRB5_KDB_NOMASTERKEY;
+ goto clean_n_exit;
+ }
+
/*
* Check if the input mkey is the latest key and if it isn't then find the
* latest mkey.
_______________________________________________
cvs-krb5 mailing list
cvs-krb5@mit.edu
https://mailman.mit.edu/mailman/listinfo/cvs-krb5
