[3528] in Kerberos-V5-bugs
Re: [krbdev.mit.edu #1216]
daemon@ATHENA.MIT.EDU (Tom Yu via RT)
Thu Oct 10 19:28:11 2002
Mail-Followup-To: rt@krbdev.mit.edu
Message-Id: <rt-1216-3174.14.2755314938672@krbdev.mit.edu>
In-Reply-To: <rt-1216@krbdev.mit.edu>
From: "Tom Yu via RT" <rt-comment@krbdev.mit.edu>
Reply-To: rt-comment@krbdev.mit.edu
Mail-Copies-To: never
To: nalin@redhat.com
Cc: krb5-prs@mit.edu
Errors-To: krb5-bugs-admin@mit.edu
Date: Thu, 10 Oct 2002 19:27:21 -0400 (EDT)
Thanks for the patch...
>>>>> "nalin" == The RT System itself via RT <rt-comment@krbdev.mit.edu> writes:
nalin> --- src/lib/krb5/os/locate_kdc.c 2002-10-09 14:15:57.000000000 -0400
nalin> +++ src/lib/krb5/os/locate_kdc.c 2002-10-09 14:59:26.000000000 -0400
nalin> @@ -391,7 +391,7 @@
nalin> size = res_search(host, C_IN, T_SRV, answer.bytes, sizeof(answer.bytes));
nalin> - if (size < hdrsize)
nalin> + if ((size < hdrsize) || (size > sizeof(answer.bytes))
nalin> goto out;
nalin> /*
nalin> @@ -463,6 +463,8 @@
nalin> CHECK(p,2);
nalin> rdlen = NTOHSP(p,2);
nalin> + CHECK(p,rdlen);
nalin> +
Could you please explain why this check for rdlen was added? It seems
redundant.
---Tom
_______________________________________________
krb5-bugs mailing list
krb5-bugs@mit.edu
http://mailman.mit.edu/mailman/listinfo/krb5-bugs
