pull up r23695 from trunk

 ------------------------------------------------------------------------
 r23695 | tlyu | 2010-02-04 22:05:42 -0500 (Thu, 04 Feb 2010) | 8 lines

 ticket: 6598
 tags: pullup
 target_version: 1.8

 Apply patch from Arlene Berry to return a comparable static OID object
 instead of the application-passed (probably dynamically allocated)
 OID, to avoid use-after-free problems.

ticket: 6598
version_fixed: 1.8
status: resolved

git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-8@23706 dc483132-0cff-0310-8789-dd5450dbe970

diff --git a/src/lib/gssapi/krb5/init_sec_context.c b/src/lib/gssapi/krb5/init_sec_context.c
index 9b6f3ecff8fdb35bfe3cdb134757c38eaef4aa8b..cbc9ed9362eaa300cf2de32ba11d42ff839e57a3 100644 (file)
--- a/src/lib/gssapi/krb5/init_sec_context.c
+++ b/src/lib/gssapi/krb5/init_sec_context.c
@@ -979,12 +979,15 @@ krb5_gss_init_sec_context(minor_status, claimant_cred_handle,
             err = 1;
         }
     } else if (g_OID_equal(mech_type, gss_mech_krb5)) {
+        mech_type = (gss_OID) gss_mech_krb5;
         if (!cred->rfc_mech)
             err = 1;
     } else if (g_OID_equal(mech_type, gss_mech_krb5_old)) {
+        mech_type = (gss_OID) gss_mech_krb5_old;
         if (!cred->prerfc_mech)
             err = 1;
     } else if (g_OID_equal(mech_type, gss_mech_krb5_wrong)) {
+        mech_type = (gss_OID) gss_mech_krb5_wrong;
         if (!cred->rfc_mech)
             err = 1;
     } else {