[16073] in Kerberos-V5-bugs
[krbdev.mit.edu #8704] git commit
daemon@ATHENA.MIT.EDU (Greg Hudson via RT)
Thu Jun 28 00:53:00 2018
Mail-followup-to: rt@krbdev.mit.edu
mail-copies-to: never
From: "Greg Hudson via RT" <rt-comment@KRBDEV-PROD-APP-1.mit.edu>
In-Reply-To: <rt-8704@krbdev.mit.edu>
Message-ID: <rt-8704-48690.6.82269946283007@krbdev.mit.edu>
To: "'AdminCc of krbdev.mit.edu Ticket #8704'":;
Date: Thu, 28 Jun 2018 00:52:47 -0400 (EDT)
Reply-To: rt-comment@KRBDEV-PROD-APP-1.mit.edu
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: krb5-bugs-bounces@mit.edu
Fix OTP secret file leak and whitespace removal
In read_secret_file() in the OTP kdcpreauth module, add a cleanup
label and free filename on exit. Also fix the whitespace stripping
code to correctly find the end offset, and use size_t rather than int
offsets. The leak was reported by Bean Zhang.
https://github.com/krb5/krb5/commit/396c736c0add2e13f4a9aaaefc9c86445b701953
Author: Greg Hudson <ghudson@mit.edu>
Commit: 396c736c0add2e13f4a9aaaefc9c86445b701953
Branch: master
src/plugins/preauth/otp/otp_state.c | 15 +++++++++------
1 files changed, 9 insertions(+), 6 deletions(-)
_______________________________________________
krb5-bugs mailing list
krb5-bugs@mit.edu
https://mailman.mit.edu/mailman/listinfo/krb5-bugs