]> git.ipfire.org Git - thirdparty/krb5.git/commitdiff
projects / thirdparty / krb5.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: c9a83ad)
Fix leak in KDC NDR encoding
authorGreg Hudson <ghudson@mit.edu>
Tue, 5 Mar 2024 22:38:49 +0000 (17:38 -0500)
committerGreg Hudson <ghudson@mit.edu>
Mon, 24 Jun 2024 23:39:19 +0000 (19:39 -0400)
If the KDC tries to encode a principal containing encode invalid UTF-8
sequences for inclusion in a PAC delegation info buffer, it will leak
a small amount of memory in enc_wchar_pointer() before failing.  Fix
the leak.

(cherry picked from commit 7d0d85bf99caf60c0afd4dcf91b0c4c683b983fe)

ticket: 9115
version_fixed: 1.21.3

src/kdc/ndr.c patch | blob | blame | history

diff --git a/src/kdc/ndr.c b/src/kdc/ndr.c
index 48395abe52698f5fe6b516e066ab188b0404ab01..d438408ee274a7e309318c9905060bd76b9c1ed5 100644 (file)
--- a/src/kdc/ndr.c
+++ b/src/kdc/ndr.c
@@ -96,14 +96,13 @@ enc_wchar_pointer(const char *utf8, struct encoded_wchars *encoded_out)
     size_t utf16len, num_wchars;
     uint8_t *utf16;
 
-    k5_buf_init_dynamic(&b);
-
     ret = k5_utf8_to_utf16le(utf8, &utf16, &utf16len);
     if (ret)
         return ret;
 
     num_wchars = utf16len / 2;
 
+    k5_buf_init_dynamic(&b);
     k5_buf_add_uint32_le(&b, num_wchars + 1);
     k5_buf_add_uint32_le(&b, 0);
     k5_buf_add_uint32_le(&b, num_wchars);
Mirror of https://github.com/krb5/krb5.git