[30157] in CVS-changelog-for-Kerberos-V5
krb5 commit: Check for zero argc in ksu
daemon@ATHENA.MIT.EDU (Greg Hudson)
Tue Apr 24 16:10:34 2018
Date: Tue, 24 Apr 2018 16:10:25 -0400
From: Greg Hudson <ghudson@mit.edu>
Message-Id: <201804242010.w3OKAPW3032612@drugstore.mit.edu>
To: cvs-krb5@mit.edu
Reply-To: krbdev@mit.edu
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: cvs-krb5-bounces@mit.edu
https://github.com/krb5/krb5/commit/c5b0a998d6349f8c90821a347db5666aed0e50eb
commit c5b0a998d6349f8c90821a347db5666aed0e50eb
Author: Greg Hudson <ghudson@mit.edu>
Date: Tue Apr 24 14:31:35 2018 -0400
Check for zero argc in ksu
Most programs in the tree will perform a null dereference when argc is
zero, but as a setuid program ksu should be extra careful about memory
errors, even if this one is harmless. Check and exit with status 1
immediately.
ticket: 8661
src/clients/ksu/main.c | 2 ++
1 files changed, 2 insertions(+), 0 deletions(-)
diff --git a/src/clients/ksu/main.c b/src/clients/ksu/main.c
index 7ff676c..5e79ef5 100644
--- a/src/clients/ksu/main.c
+++ b/src/clients/ksu/main.c
@@ -138,6 +138,8 @@ main (argc, argv)
exit(1);
}
+ if (argc == 0)
+ exit(1);
if (strrchr(argv[0], '/'))
argv[0] = strrchr(argv[0], '/')+1;
prog_name = argv[0];
_______________________________________________
cvs-krb5 mailing list
cvs-krb5@mit.edu
https://mailman.mit.edu/mailman/listinfo/cvs-krb5
