projects / krb5.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: ce3ba8b)
Ensure null termination of AFS salts
authorGreg Hudson <ghudson@mit.edu>
Fri, 27 Apr 2012 17:04:24 +0000 (17:04 +0000)
committerGreg Hudson <ghudson@mit.edu>
Fri, 27 Apr 2012 17:04:24 +0000 (17:04 +0000)
Use krb5int_copy_data_contents_add0 when copying a pa-pw-salt or
pa-afs3-salt value in pa_salt().  If it's an afs3-salt, we're going to
throw away the length and use strcspn in krb5int_des_string_to_key,
which isn't safe if the value is unterminated.

ticket: 2545

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25833 dc483132-0cff-0310-8789-dd5450dbe970

src/lib/krb5/krb/preauth2.c patch | blob | history

diff --git a/src/lib/krb5/krb/preauth2.c b/src/lib/krb5/krb/preauth2.c
index 25fa581d1cd51162c706f1805cfa9bd215d317fc..9242705927ad4f5561dec82273fb9c9152e43372 100644 (file)
--- a/src/lib/krb5/krb/preauth2.c
+++ b/src/lib/krb5/krb/preauth2.c
@@ -565,7 +565,7 @@ pa_salt(krb5_context context, krb5_kdc_req *request, krb5_pa_data *in_padata,
 
     tmp = padata2data(*in_padata);
     krb5_free_data_contents(context, salt);
-    retval = krb5int_copy_data_contents(context, &tmp, salt);
+    retval = krb5int_copy_data_contents_add0(context, &tmp, salt);
     if (retval)
         return retval;
 
MIT implementation of the Kerberos network authentication protocol. This repo may be rebased, so don't base your work on it. Use git://github.com/krb5/krb5 instead.