From a2402f9d816014f3df88557d3cfb52005e90b8fb Mon Sep 17 00:00:00 2001 From: Ezra Peisach Date: Sat, 30 Dec 2006 06:09:25 +0000 Subject: [PATCH] If gss_krb5int_unseal_token_v3() unwraps a message of length 0 - free memory and return in message_buffer a NULL pointer for value. This is consistant with gss_release_buffer in the mechglue implementation in which memory is only freed if the buffer length != 0. ticket: 5233 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19022 dc483132-0cff-0310-8789-dd5450dbe970 --- src/lib/gssapi/krb5/k5sealv3.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/src/lib/gssapi/krb5/k5sealv3.c b/src/lib/gssapi/krb5/k5sealv3.c index d83ac8593..2c084865e 100644 --- a/src/lib/gssapi/krb5/k5sealv3.c +++ b/src/lib/gssapi/krb5/k5sealv3.c @@ -418,6 +418,10 @@ gss_krb5int_unseal_token_v3(krb5_context *contextptr, } message_buffer->value = plain.data; message_buffer->length = plain.length - ec - 16; + if(message_buffer->length == 0) { + free(message_buffer->value); + message_buffer->value = NULL; + } } else { /* no confidentiality */ if (conf_state) -- 2.26.2