]> git.ipfire.org Git - thirdparty/krb5.git/commit
projects / thirdparty / krb5.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: cacdcf8) | patch
Fix invalid JSON handling in KDC OTP module
authorGreg Hudson <ghudson@mit.edu>
Sun, 18 May 2014 21:57:25 +0000 (17:57 -0400)
committerGreg Hudson <ghudson@mit.edu>
Mon, 19 May 2014 14:17:48 +0000 (10:17 -0400)
commitdab1c234e15afdc64dfe776bdbc65bbc17d07e12
tree0511f528e998161f2fc0feaa1ed4ea6b4ee30e8etree | snapshot
parentcacdcf8ebe184326579fabef3ae3f86b16dade81commit | diff
Fix invalid JSON handling in KDC OTP module

If the OTP configuration for a principal contains invalid JSON, the
KDC OTP module calls k5_json_get_tid on a null pointer, causing the
KDC process to crash.  Fix this bug by checking the return value of
k5_json_decode in decode_config_json.

ticket: 7912 (new)
target_version: 1.12.2
tags: pullup
src/plugins/preauth/otp/otp_state.c diff | blob | blame | history
Mirror of https://github.com/krb5/krb5.git