[16754] in Kerberos-V5-bugs
[krbdev.mit.edu #9015] git commit
daemon@ATHENA.MIT.EDU (Greg Hudson via RT)
Mon Jul 12 12:31:22 2021
From: "Greg Hudson via RT" <rt@krbdev.mit.edu>
In-Reply-To:
Message-ID: <rt-4.4.3-2-3421621-1626107369-792.9015-5-0@mit.edu>
To: "AdminCc of krbdev.mit.edu Ticket #9015":;
Date: Mon, 12 Jul 2021 12:29:30 -0400
MIME-Version: 1.0
Reply-To: rt@krbdev.mit.edu
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: krb5-bugs-bounces@mit.edu
<URL: https://krbdev.mit.edu/rt/Ticket/Display.html?id=9015 >
Fix use-after-free during krad remote_shutdown()
Since elements of the queue can be removed on out-of-memory errors,
the correct call is K5_TAILQ_FOREACH_SAFE, not K5_TAILQ_FOREACH.
Reported by Coverity.
(cherry picked from commit 8c88defb16b34937d5b72b4832c854ce2dbe32d1)
https://github.com/krb5/krb5/commit/d8c95fe992fe7e0d9314a28364fc26992f1da628
Author: Robbie Harwood <rharwood@redhat.com>
Committer: Greg Hudson <ghudson@mit.edu>
Commit: d8c95fe992fe7e0d9314a28364fc26992f1da628
Branch: krb5-1.19
src/lib/krad/remote.c | 4 ++--
1 files changed, 2 insertions(+), 2 deletions(-)
_______________________________________________
krb5-bugs mailing list
krb5-bugs@mit.edu
https://mailman.mit.edu/mailman/listinfo/krb5-bugs
