[16781] in Kerberos-V5-bugs


[krbdev.mit.edu #9022] git commit

daemon@ATHENA.MIT.EDU (Greg Hudson via RT)
Wed Aug 25 18:03:33 2021

From: "Greg Hudson via RT" <rt@krbdev.mit.edu>
In-Reply-To: 
Message-ID: <rt-4.4.3-2-1999396-1629929006-1188.9022-5-0@mit.edu>
To: "AdminCc of krbdev.mit.edu Ticket #9022":;
Date: Wed, 25 Aug 2021 18:03:26 -0400
MIME-Version: 1.0
Reply-To: rt@krbdev.mit.edu
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: krb5-bugs-bounces@mit.edu


<URL: https://krbdev.mit.edu/rt/Ticket/Display.html?id=9022 >


Add more dump.c bounds checks

Although dump files are privileged inputs, the code to read them
should not admit integer overflows.  Add bounds checks for several
fields which are used as allocation lengths or are assigned to
structure fields of smaller size and different signedness.  Reported
by Sharwan Ram and Kihong Keo.

https://github.com/krb5/krb5/commit/d15930bec22781473c2eaf72c08a145508b373ba
Author: Greg Hudson <ghudson@mit.edu>
Commit: d15930bec22781473c2eaf72c08a145508b373ba
Branch: master
 src/kadmin/dbutil/dump.c |   14 +++++++++++++-
 1 files changed, 13 insertions(+), 1 deletions(-)

_______________________________________________
krb5-bugs mailing list
krb5-bugs@mit.edu
https://mailman.mit.edu/mailman/listinfo/krb5-bugs
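
The kind of check the commit message describes, as an added example that is not taken from the krb5 commit or from dump.c: a numeric field read from text is range-checked before it is narrowed into a smaller unsigned field and used as an allocation length. The names struct field, narrow_unchecked and read_field_len are hypothetical, and the sample values are constructed.

```c
#include <errno.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical record: a 16-bit unsigned length and a buffer of that size. */
struct field {
    uint16_t len;
    unsigned char *data;
};

/* Unchecked pattern: the parsed int is narrowed on assignment, so "-1" and
 * "65537" silently become 65535 and 1. */
uint16_t narrow_unchecked(const char *text)
{
    return (uint16_t)atoi(text);
}

/* Checked pattern: parse into a wide signed type, reject malformed input and
 * anything outside the destination's range, then assign and allocate.
 * Returns 0 on success, -1 on rejection or allocation failure. */
int read_field_len(const char *text, struct field *out)
{
    char *end;
    long v;

    errno = 0;
    v = strtol(text, &end, 10);
    if (end == text || *end != '\0' || errno == ERANGE)
        return -1;
    if (v < 0 || v > UINT16_MAX)
        return -1;
    out->len = (uint16_t)v;
    out->data = calloc(out->len ? out->len : 1, 1);
    return out->data ? 0 : -1;
}

int main(void)
{
    /* Constructed sample field values, not taken from a real dump file. */
    const char *samples[] = {"300", "-1", "65537", "12x"};
    for (size_t i = 0; i < 4; i++) {
        struct field f = {0, NULL};
        int rc = read_field_len(samples[i], &f);
        printf("%-6s unchecked=%u checked=%s\n", samples[i], (unsigned)narrow_unchecked(samples[i]), rc == 0 ? "ok" : "rejected");
        free(f.data);
    }
    return 0;
}
```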
