[16164] in Kerberos-V5-bugs
[krbdev.mit.edu #8704] git commit
daemon@ATHENA.MIT.EDU (Greg Hudson via RT)
Tue Oct 30 12:25:53 2018
Mail-followup-to: rt@krbdev.mit.edu
mail-copies-to: never
From: "Greg Hudson via RT" <rt-comment@KRBDEV-PROD-APP-1.mit.edu>
In-Reply-To: <rt-8704@krbdev.mit.edu>
Message-ID: <rt-8704-49060.2.64359231183583@krbdev.mit.edu>
To: "'AdminCc of krbdev.mit.edu Ticket #8704'":;
Date: Tue, 30 Oct 2018 12:25:39 -0400 (EDT)
Reply-To: rt-comment@KRBDEV-PROD-APP-1.mit.edu
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: krb5-bugs-bounces@mit.edu
Fix OTP secret file leak and whitespace removal
In read_secret_file() in the OTP kdcpreauth module, add a cleanup
label and free filename on exit. Also fix the whitespace stripping
code to correctly find the end offset, and use size_t rather than int
offsets. The leak was reported by Bean Zhang.
(cherry picked from commit 396c736c0add2e13f4a9aaaefc9c86445b701953)
https://github.com/krb5/krb5/commit/e7e666c8ecd0f2e515a28dcc8eb6b67a3557243a
Author: Greg Hudson <ghudson@mit.edu>
Commit: e7e666c8ecd0f2e515a28dcc8eb6b67a3557243a
Branch: krb5-1.16
src/plugins/preauth/otp/otp_state.c | 15 +++++++++------
1 files changed, 9 insertions(+), 6 deletions(-)
_______________________________________________
krb5-bugs mailing list
krb5-bugs@mit.edu
https://mailman.mit.edu/mailman/listinfo/krb5-bugs