]> git.ipfire.org Git - thirdparty/krb5.git/commitdiff
projects / thirdparty / krb5.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 5c6d218)
Tolerate null oid pointer in gss_release_oid()
authorGreg Hudson <ghudson@mit.edu>
Wed, 10 Jun 2015 23:48:51 +0000 (19:48 -0400)
committerGreg Hudson <ghudson@mit.edu>
Thu, 11 Jun 2015 16:03:01 +0000 (12:03 -0400)
Under some circumstances, gss_inquire_name() can call
gss_release_oid() with a null oid pointer, which currently causes a
null dereference.  The least invasive fix is for gss_release_oid() to
check for the invalid null pointer and return an error, like other
GSS-API functions do.

ticket: 8201 (new)
target_version: 1.13.3
tags: pullup

src/lib/gssapi/mechglue/g_initialize.c patch | blob | blame | history

diff --git a/src/lib/gssapi/mechglue/g_initialize.c b/src/lib/gssapi/mechglue/g_initialize.c
index 2987164edc7e4a3187570721882466c831c47bfa..b7e8a8daf8c9c04f6b15fbed452277de3f75f6db 100644 (file)
--- a/src/lib/gssapi/mechglue/g_initialize.c
+++ b/src/lib/gssapi/mechglue/g_initialize.c
@@ -168,7 +168,7 @@ gss_OID *oid;
        OM_uint32 major;
        gss_mech_info aMech;
 
-       if (minor_status == NULL)
+       if (minor_status == NULL || oid == NULL)
                return (GSS_S_CALL_INACCESSIBLE_WRITE);
 
        *minor_status = gssint_mechglue_initialize_library();
Mirror of https://github.com/krb5/krb5.git