From: Greg Hudson Date: Mon, 3 Nov 2008 21:05:25 +0000 (+0000) Subject: Apply Apple patch to null out key->contents after freeing on failure, X-Git-Tag: krb5-1.7-alpha1~233 X-Git-Url: http://git.tremily.us/?a=commitdiff_plain;h=65317bca348ba8f6e19f008c06dcf4eb4e65e8a1;p=krb5.git Apply Apple patch to null out key->contents after freeing on failure, eliminating the possibility that the pointer will be used after free. ticket: 6247 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20961 dc483132-0cff-0310-8789-dd5450dbe970 --- diff --git a/src/lib/crypto/string_to_key.c b/src/lib/crypto/string_to_key.c index 03165ab25..71d9db650 100644 --- a/src/lib/crypto/string_to_key.c +++ b/src/lib/crypto/string_to_key.c @@ -93,6 +93,8 @@ krb5_c_string_to_key_with_params(krb5_context context, krb5_enctype enctype, if (ret) { memset(key->contents, 0, keylength); free(key->contents); + key->length = 0; + key->contents = NULL; } return(ret);