]> git.ipfire.org Git - thirdparty/samba.git/commit
projects / thirdparty / samba.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: c22914f) | patch
CVE-2022-3437 source4/heimdal: Use constant-time memcmp() in unwrap_des3()
authorJoseph Sutton <josephsutton@catalyst.net.nz>
Wed, 12 Oct 2022 00:57:55 +0000 (13:57 +1300)
committerJule Anger <janger@samba.org>
Mon, 24 Oct 2022 05:27:02 +0000 (07:27 +0200)
commit5f6dbf2ab29bcd30c701cab3daecf5a6a53a44cd
treeeb20b9bbf951c838c525d19b542a1eb6695c67d4tree
parentc22914f845b3eba1c9ad444333f3d044352b7e2ccommit | diff
CVE-2022-3437 source4/heimdal: Use constant-time memcmp() in unwrap_des3()

The surrounding checks all use ct_memcmp(), so this one was presumably
meant to as well.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15134

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
source4/heimdal/lib/gssapi/krb5/unwrap.c diff | blob | blame | history
Mirror of https://github.com/samba-team/samba.git