[5114] in Kerberos
memory stomping bug in krb5_make_fulladdr
daemon@ATHENA.MIT.EDU (Scott Schwartz)
Mon May 8 23:56:12 1995
To: kerberos@MIT.EDU
Date: 09 May 1995 03:44:35 GMT
From: schwartz@galapagos.cse.psu.edu (Scott Schwartz)
There's a typo in lib/krb5/ls/mk_faddr.c that can cause serious memory
corruption (telnet -a -f will exercise this.) Here's a patch:
*** 1.1 1995/05/08 22:31:34
--- mk_faddr.c 1995/05/08 22:36:53
***************
*** 49,55 ****
return EINVAL;
raddr->length = kaddr->length + kport->length + (4 * sizeof(krb5_int32));
! if (!(raddr->contents = (krb5_octet *)malloc(kaddr->length)))
return ENOMEM;
raddr->addrtype = ADDRTYPE_ADDRPORT;
--- 49,55 ----
return EINVAL;
raddr->length = kaddr->length + kport->length + (4 * sizeof(krb5_int32));
! if (!(raddr->contents = (krb5_octet *)malloc(raddr->length)))
return ENOMEM;
raddr->addrtype = ADDRTYPE_ADDRPORT;