+2002-08-15 Ken Raeburn <raeburn@mit.edu>
+
+ * cc_file.c (ALLOC): Use calloc, not malloc.
+ (krb5_fcc_read_principal): Check bounds on number of components
+ before calling ALLOC.
+
2002-08-15 Tom Yu <tlyu@mit.edu>
* t_cc.c: Remove references to STDIO ccache.
#define ALLOC(NUM,TYPE) \
(((NUM) <= (((size_t)0-1)/ sizeof(TYPE))) \
- ? (TYPE *) malloc((NUM) * sizeof(TYPE)) \
+ ? (TYPE *) calloc((NUM), sizeof(TYPE)) \
: (errno = ENOMEM,(TYPE *) 0))
static krb5_error_code
*/
if (data->version == KRB5_FCC_FVNO_1)
length--;
+ if (length < 0)
+ return KRB5_CC_NOMEM;
tmpprinc = (krb5_principal) malloc(sizeof(krb5_principal_data));
if (tmpprinc == NULL)
return KRB5_CC_NOMEM;
if (length) {
- tmpprinc->data = ALLOC (length, krb5_data);
+ size_t msize = length;
+ if (msize != length) {
+ free(tmpprinc);
+ return KRB5_CC_NOMEM;
+ }
+ tmpprinc->data = ALLOC (msize, krb5_data);
if (tmpprinc->data == 0) {
free((char *)tmpprinc);
return KRB5_CC_NOMEM;