Apply patch from Arlene Berry to return a comparable static OID object
authorTom Yu <tlyu@mit.edu>
Fri, 5 Feb 2010 03:05:42 +0000 (03:05 +0000)
committerTom Yu <tlyu@mit.edu>
Fri, 5 Feb 2010 03:05:42 +0000 (03:05 +0000)
instead of the application-passed (probably dynamically allocated)
OID, to avoid use-after-free problems.

ticket: 6598
tags: pullup
target_version: 1.8

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23695 dc483132-0cff-0310-8789-dd5450dbe970

src/lib/gssapi/krb5/init_sec_context.c

index 9b6f3ecff8fdb35bfe3cdb134757c38eaef4aa8b..cbc9ed9362eaa300cf2de32ba11d42ff839e57a3 100644 (file)
@@ -979,12 +979,15 @@ krb5_gss_init_sec_context(minor_status, claimant_cred_handle,
             err = 1;
         }
     } else if (g_OID_equal(mech_type, gss_mech_krb5)) {
+        mech_type = (gss_OID) gss_mech_krb5;
         if (!cred->rfc_mech)
             err = 1;
     } else if (g_OID_equal(mech_type, gss_mech_krb5_old)) {
+        mech_type = (gss_OID) gss_mech_krb5_old;
         if (!cred->prerfc_mech)
             err = 1;
     } else if (g_OID_equal(mech_type, gss_mech_krb5_wrong)) {
+        mech_type = (gss_OID) gss_mech_krb5_wrong;
         if (!cred->rfc_mech)
             err = 1;
     } else {
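Review bot: The three added `mech_type = (gss_OID) gss_mech_krb5...;` assignments carry no comment, so the reason for overwriting a parameter (keeping a pointer to static storage instead of the caller's possibly heap-allocated OID) is visible only in the commit message. I would put `/* Use our static OID; the caller may free the one it passed in. */` above the first assignment. The cast also appears to drop a const qualifier from the static OID objects, so any later code in krb5_gss_init_sec_context that releases or writes through mech_type would now touch static data; that code is outside this hunk and should be checked. The if/else chain starts and ends outside the hunk, so its first branch and the body of the final else are not covered by this note.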