From: Tom Yu Date: Sat, 13 Dec 2003 01:28:08 +0000 (+0000) Subject: * an_to_ln.c (krb5_aname_to_localname): Don't write one byte past X-Git-Tag: krb5-1.4-beta1~717 X-Git-Url: http://git.tremily.us/?a=commitdiff_plain;h=7943823ea88ccb7e5a2b9e1981f1f601ba261af5;p=krb5.git * an_to_ln.c (krb5_aname_to_localname): Don't write one byte past the end of a string. Found by Christopher Nebergall. ticket: 2024 component: krb5-libs version_reported: 1.3.1 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15895 dc483132-0cff-0310-8789-dd5450dbe970 --- diff --git a/src/lib/krb5/os/ChangeLog b/src/lib/krb5/os/ChangeLog index 017b9ae7e..7895b7c68 100644 --- a/src/lib/krb5/os/ChangeLog +++ b/src/lib/krb5/os/ChangeLog @@ -1,3 +1,8 @@ +2003-12-12 Tom Yu + + * an_to_ln.c (krb5_aname_to_localname): Don't write one byte past + the end of a string. Found by Christopher Nebergall. + 2003-10-27 Jeffrey Altman * sendto_kdc.c: sockets must be closed with closesocket() and diff --git a/src/lib/krb5/os/an_to_ln.c b/src/lib/krb5/os/an_to_ln.c index 426399e14..c42b82142 100644 --- a/src/lib/krb5/os/an_to_ln.c +++ b/src/lib/krb5/os/an_to_ln.c @@ -643,7 +643,7 @@ krb5_aname_to_localname(krb5_context context, krb5_const_principal aname, const const char *hierarchy[5]; char **mapping_values; int i, nvalid; - char *cp; + char *cp, *s; char *typep, *argp; unsigned int lnsize; @@ -677,11 +677,14 @@ krb5_aname_to_localname(krb5_context context, krb5_const_principal aname, const /* Just use the last one. */ /* Trim the value. */ - cp = &mapping_values[nvalid-1] - [strlen(mapping_values[nvalid-1])]; - while (isspace((int) (*cp))) cp--; - cp++; - *cp = '\0'; + s = mapping_values[nvalid-1]; + cp = s + strlen(s); + while (cp > s) { + cp--; + if (!isspace((int)(*cp))) + break; + *cp = '\0'; + } /* Copy out the value if there's enough room */ if (strlen(mapping_values[nvalid-1])+1 <= (size_t) lnsize)