From a2231ea83d401ec8811c69f7133656caaa1d9667 Mon Sep 17 00:00:00 2001 From: Tom Yu Date: Wed, 9 Feb 2011 20:25:03 +0000 Subject: [PATCH] kpropd denial of service [MITKRB5-SA-2011-001 CVE-2010-4022] When operating in standalone mode and not doing iprop, don't return from do_standalone() if the child exits with abnormal status. ticket: 6859 tags: pullup target_version: 1.9.1 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24621 dc483132-0cff-0310-8789-dd5450dbe970 --- src/slave/kpropd.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/src/slave/kpropd.c b/src/slave/kpropd.c index a1d458348..91c11e955 100644 --- a/src/slave/kpropd.c +++ b/src/slave/kpropd.c @@ -414,11 +414,11 @@ retry: } close(s); - if (iproprole == IPROP_SLAVE) + if (iproprole == IPROP_SLAVE) { close(finet); - - if ((ret = WEXITSTATUS(status)) != 0) - return (ret); + if ((ret = WEXITSTATUS(status)) != 0) + return (ret); + } } if (iproprole == IPROP_SLAVE) break; -- 2.26.2