]> git.ipfire.org Git - thirdparty/krb5.git/commitdiff
projects / thirdparty / krb5.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: ab1304e)
Tolerate null oid pointer in gss_release_oid()
authorGreg Hudson <ghudson@mit.edu>
Wed, 10 Jun 2015 23:48:51 +0000 (19:48 -0400)
committerTom Yu <tlyu@mit.edu>
Wed, 9 Dec 2015 19:53:54 +0000 (14:53 -0500)
Under some circumstances, gss_inquire_name() can call
gss_release_oid() with a null oid pointer, which currently causes a
null dereference.  The least invasive fix is for gss_release_oid() to
check for the invalid null pointer and return an error, like other
GSS-API functions do.

(cherry picked from commit 4676e823e6ee9a5731872b31c5588c1b5932e0a3)

ticket: 8303 (new)
version_fixed: 1.12.5
status: resolved

src/lib/gssapi/mechglue/g_initialize.c patch | blob | blame | history

diff --git a/src/lib/gssapi/mechglue/g_initialize.c b/src/lib/gssapi/mechglue/g_initialize.c
index 68aa7a7aa9406c3539009b4de82937165f01623d..97048f3f8e6d03d79832dfbe78abfdf9d851a5de 100644 (file)
--- a/src/lib/gssapi/mechglue/g_initialize.c
+++ b/src/lib/gssapi/mechglue/g_initialize.c
@@ -164,7 +164,7 @@ gss_OID *oid;
        OM_uint32 major;
        gss_mech_info aMech;
 
-       if (minor_status == NULL)
+       if (minor_status == NULL || oid == NULL)
                return (GSS_S_CALL_INACCESSIBLE_WRITE);
 
        *minor_status = gssint_mechglue_initialize_library();
Mirror of https://github.com/krb5/krb5.git