git.ipfire.org Git - thirdparty/krb5.git/commit

author	Greg Hudson <ghudson@mit.edu>
	Wed, 21 May 2014 16:03:00 +0000 (12:03 -0400)
committer	Greg Hudson <ghudson@mit.edu>
	Sat, 24 May 2014 15:11:33 +0000 (11:11 -0400)
commit	0bf18fd4363f9f1244688daac224bd456bf52e7f
tree	90ae0d81e9b198f154065037639447155cab8d46	tree
parent	f4fce5afd8c4bb5e46aa7041f10118026c5152f0	commit \| diff

Improve pointer hygiene around gss_display_name

GSSAPI functions are responsible for setting their output parameters
on failure. Take greater care to do so in krb5_gss_display_name.

The mechglue is generally defensive about initializing variables used
as outputs, and not assuming that mechs will set them on failure.
Make gssint_convert_name_to_union_name initialize
union_name->external_name before calling mech->gss_display_name, so
that if the mech's gss_display_name doesn't touch it, we don't free an
uninitialized pointer.

Either one of these changes prevents an unlikely memory bug which
could occur if krb5_gss_init_context fails within
krb5_gss_display_name when called from
gssint_convert_name_to_union_name.

ticket: 7915 (new)
target_version: 1.12.2

src/lib/gssapi/krb5/disp_name.c		diff \| blob \| blame \| history
src/lib/gssapi/mechglue/g_glue.c		diff \| blob \| blame \| history