[30823] in CVS-changelog-for-Kerberos-V5
krb5 commit: Improve negoex_parse_token() code hygiene
daemon@ATHENA.MIT.EDU (Greg Hudson)
Sat Jun 13 23:05:53 2020
Date: Sat, 13 Jun 2020 23:05:46 -0400
From: Greg Hudson <ghudson@mit.edu>
Message-ID: <202006140305.05E35kXO027277@drugstore.mit.edu>
To: <cvs-krb5@mit.edu>
MIME-Version: 1.0
Reply-To: krbdev@mit.edu
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: cvs-krb5-bounces@mit.edu
https://github.com/krb5/krb5/commit/4f91b6f8fa6fe1de662b3fdac0d59b7758ec642a
commit 4f91b6f8fa6fe1de662b3fdac0d59b7758ec642a
Author: Robbie Harwood <rharwood@redhat.com>
Date: Tue Jun 9 16:23:37 2020 -0400
Improve negoex_parse_token() code hygiene
If the while loop in negoex_parse_token() runs for zero iterations,
major will be used initialized. Currently this cannot happen, but
only because both of the call sites check for zero-length tokens.
Initialize major for safety.
[ghudson@mit.edu: rewrote commit message]
src/lib/gssapi/spnego/negoex_util.c | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/src/lib/gssapi/spnego/negoex_util.c b/src/lib/gssapi/spnego/negoex_util.c
index 7003684..99580fd 100644
--- a/src/lib/gssapi/spnego/negoex_util.c
+++ b/src/lib/gssapi/spnego/negoex_util.c
@@ -454,7 +454,7 @@ negoex_parse_token(OM_uint32 *minor, spnego_gss_ctx_id_t ctx,
gss_const_buffer_t token,
struct negoex_message **messages_out, size_t *count_out)
{
- OM_uint32 major;
+ OM_uint32 major = GSS_S_COMPLETE;
size_t count = 0;
struct k5input in;
struct negoex_message *messages = NULL, *newptr;
_______________________________________________
cvs-krb5 mailing list
cvs-krb5@mit.edu
https://mailman.mit.edu/mailman/listinfo/cvs-krb5
