projects / krb5.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 3077cc6)
------------------------------------------------------------------------
authorTom Yu <tlyu@mit.edu>
Mon, 28 Sep 2009 20:44:20 +0000 (20:44 +0000)
committerTom Yu <tlyu@mit.edu>
Mon, 28 Sep 2009 20:44:20 +0000 (20:44 +0000)
 r22409 | epeisach | 2009-06-09 22:55:22 -0400 (Tue, 09 Jun 2009) | 7 lines

 ticket: 6511
 subject: krb5int_rd_chpw_rep could call krb5_free_error with random value

 clang picked up on a path in which krberror is not set and passed as
 an argument to krb5_free_error(). Essentially if the clearresult
 length < 2 but everything decodes - you can hit this path...

ticket: 6511
version_fixed: 1.7.1
status: resolved

git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-7@22798 dc483132-0cff-0310-8789-dd5450dbe970

src/lib/krb5/krb/chpw.c patch | blob | history

diff --git a/src/lib/krb5/krb/chpw.c b/src/lib/krb5/krb/chpw.c
index d0cadb4bb77c939075b66aefdfd60577b604b59b..9c3a95a8c0768df893799b671b33b851ce754d86 100644 (file)
--- a/src/lib/krb5/krb/chpw.c
+++ b/src/lib/krb5/krb/chpw.c
@@ -83,7 +83,7 @@ krb5int_rd_chpw_rep(krb5_context context, krb5_auth_context auth_context,
     krb5_error_code ret;
     krb5_data cipherresult;
     krb5_data clearresult;
-    krb5_error *krberror;
+    krb5_error *krberror = NULL;
     krb5_replay_data replay;
     krb5_keyblock *tmp;
 
MIT implementation of the Kerberos network authentication protocol. This repo may be rebased, so don't base your work on it. Use git://github.com/krb5/krb5 instead.