projects / krb5.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: b08ef98)
pull up r20179 from trunk
authorTom Yu <tlyu@mit.edu>
Sat, 15 Dec 2007 01:23:08 +0000 (01:23 +0000)
committerTom Yu <tlyu@mit.edu>
Sat, 15 Dec 2007 01:23:08 +0000 (01:23 +0000)
 r20179@cathode-dark-space:  tlyu | 2007-12-13 23:38:42 -0500
 ticket: 5857
 target_version: 1.6.4
 tags: pullup

 fix CVE-2007-5972: double fclose() in krb5_def_store_mkey()

ticket: 5857
version_fied: 1.6.4

git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-6@20187 dc483132-0cff-0310-8789-dd5450dbe970

src/lib/kdb/kdb_default.c patch | blob | history

diff --git a/src/lib/kdb/kdb_default.c b/src/lib/kdb/kdb_default.c
index 34e8dc0474c50237c49a66b8accd4d88a4a7b3ee..27f8b27fb5c0f3bd77fa8185d7140673fe26533b 100644 (file)
--- a/src/lib/kdb/kdb_default.c
+++ b/src/lib/kdb/kdb_default.c
@@ -185,8 +185,7 @@ krb5_def_store_mkey(context, keyfile, mname, key, master_pwd)
                kf) != key->length)) {
        retval = errno;
        (void) fclose(kf);
-    }
-    if (fclose(kf) == EOF)
+    } else if (fclose(kf) == EOF)
        retval = errno;
 #if HAVE_UMASK
     (void) umask(oumask);
MIT implementation of the Kerberos network authentication protocol. This repo may be rebased, so don't base your work on it. Use git://github.com/krb5/krb5 instead.