git.ipfire.org Git - thirdparty/krb5.git/commit

]> git.ipfire.org Git - thirdparty/krb5.git/commit

projects / thirdparty / krb5.git / commit

author	Nalin Dahyabhai <nalin@redhat.com>
	Wed, 25 Jun 2014 16:56:42 +0000 (12:56 -0400)
committer	Tom Yu <tlyu@mit.edu>
	Fri, 6 Feb 2015 22:51:19 +0000 (17:51 -0500)
commit	cb819b0dfcaecb7989c4a0cfe7d9da039545576b
tree	4555b070c82d5089f68a2519c82ce70144bb6586	tree \| snapshot
parent	384120086cb68e1588176a2056425c912c169575	commit \| diff

Fix unlikely null dereference in mk_cred()

If krb5_encrypt_keyhelper() returns an error, the ciphertext structure
may contain a non-zero length, but it will already have freed the
pointer to its data, making encrypt_credencpart()'s subsequent attempt
to clear and free the memory fail. Remove that logic.

Based on a patch from Jatin Nansi.

(cherry picked from commit 476284de8dc9a52b5544445cb1b316a417ae88f0)

ticket: 8107 (new)
version_fixed: 1.11.6
status: resolved

src/lib/krb5/krb/mk_cred.c

diff | blob | blame | history

Mirror of https://github.com/krb5/krb5.git

RSS Atom