git.tremily.us Git - krb5.git/commit

author	Tom Yu <tlyu@mit.edu>
	Tue, 9 Jan 2007 19:45:25 +0000 (19:45 +0000)
committer	Tom Yu <tlyu@mit.edu>
	Tue, 9 Jan 2007 19:45:25 +0000 (19:45 +0000)
commit	8a2c04c2a1842d3c1cb7827ad20811b129a6ee7f
tree	f6272083f3a3644e2c9410792cc20d40da1a70b5	tree \| snapshot
parent	80f701fb42806dc549cf86a83b3aadbdd07d4c6b	commit \| diff

MITKRB5-SA-2006-003: mechglue argument handling too lax

Fix mechglue argument checks so that output pointers are always
initialized regardless of whether the other arguments fail to validate
for some reason. This avoids freeing of uninitialized pointers.

Initialize the gss_buffer_descs in ovsec_kadmd.c.

ticket: new
target_version: 1.6
tags: pullup
component: krb5-libs

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19043 dc483132-0cff-0310-8789-dd5450dbe970

25 files changed:

src/kadmin/server/ovsec_kadmd.c		diff \| blob \| history
src/lib/gssapi/mechglue/g_accept_sec_context.c		diff \| blob \| history
src/lib/gssapi/mechglue/g_acquire_cred.c		diff \| blob \| history
src/lib/gssapi/mechglue/g_canon_name.c		diff \| blob \| history
src/lib/gssapi/mechglue/g_compare_name.c		diff \| blob \| history
src/lib/gssapi/mechglue/g_delete_sec_context.c		diff \| blob \| history
src/lib/gssapi/mechglue/g_dsp_name.c		diff \| blob \| history
src/lib/gssapi/mechglue/g_dsp_status.c		diff \| blob \| history
src/lib/gssapi/mechglue/g_dup_name.c		diff \| blob \| history
src/lib/gssapi/mechglue/g_exp_sec_context.c		diff \| blob \| history
src/lib/gssapi/mechglue/g_export_name.c		diff \| blob \| history
src/lib/gssapi/mechglue/g_imp_name.c		diff \| blob \| history
src/lib/gssapi/mechglue/g_imp_sec_context.c		diff \| blob \| history
src/lib/gssapi/mechglue/g_init_sec_context.c		diff \| blob \| history
src/lib/gssapi/mechglue/g_initialize.c		diff \| blob \| history
src/lib/gssapi/mechglue/g_inq_context.c		diff \| blob \| history
src/lib/gssapi/mechglue/g_inq_cred.c		diff \| blob \| history
src/lib/gssapi/mechglue/g_inq_names.c		diff \| blob \| history
src/lib/gssapi/mechglue/g_process_context.c		diff \| blob \| history
src/lib/gssapi/mechglue/g_seal.c		diff \| blob \| history
src/lib/gssapi/mechglue/g_sign.c		diff \| blob \| history
src/lib/gssapi/mechglue/g_store_cred.c		diff \| blob \| history
src/lib/gssapi/mechglue/g_unseal.c		diff \| blob \| history
src/lib/gssapi/mechglue/g_verify.c		diff \| blob \| history
src/lib/gssapi/mechglue/oid_ops.c		diff \| blob \| history

MIT implementation of the Kerberos network authentication protocol. This repo may be rebased, so don't base your work on it. Use git://github.com/krb5/krb5 instead.

RSS Atom