projects / krb5.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 5cad26b) | patch
ASN.1 code passes uninitialized values around
authorTom Yu <tlyu@mit.edu>
Tue, 8 Oct 2002 02:27:39 +0000 (02:27 +0000)
committerTom Yu <tlyu@mit.edu>
Tue, 8 Oct 2002 02:27:39 +0000 (02:27 +0000)
commit2d59b5f412e0eacf4c89008b14df8251a92cae09
treefe7fe64ecd0128e17371ab07efa49102be56ad01tree | snapshot
parent5cad26bc84245c7ca6b63f1d50675ef67d78bd48commit | diff
ASN.1 code passes uninitialized values around

* asn1_get.c (asn1_get_tag_indef): Stomp on asn1class,
construction, retlen, and indef, even if we've hit the end of the
buffer, to avoid passing uninitialized values around.

* asn1_k_decode.c: Reformat somewhat and add comments to demystify
things a little.
(opt_field): Fix to explicitly check for end of subbuf before
verifying the pre-fetched tag, which may have been stomped on by
asn1_get_tag_indef() encountering end-of-buffer.

* krb5_decode.c (opt_field, opt_lenfield): Fix to explicitly check
for end of subbuf before verifying the pre-fetched tag, which may
have been stomped on by asn1_get_tag_indef() encountering
end-of-buffer.

ticket: new
target_version: 1.3

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14913 dc483132-0cff-0310-8789-dd5450dbe970
src/lib/krb5/asn.1/ChangeLog diff | blob | history
src/lib/krb5/asn.1/asn1_get.c diff | blob | history
src/lib/krb5/asn.1/asn1_k_decode.c diff | blob | history
src/lib/krb5/asn.1/krb5_decode.c diff | blob | history
MIT implementation of the Kerberos network authentication protocol. This repo may be rebased, so don't base your work on it. Use git://github.com/krb5/krb5 instead.