From: Alexandra Ellwood Date: Fri, 15 Aug 2003 19:54:14 +0000 (+0000) Subject: krb_check_auth clears the return value for the schedule parameter with a memset.... X-Git-Tag: krb5-1.4-beta1~771 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=42dee60a3c9b4623f3ad2de318b50e5f2f045768;p=thirdparty%2Fkrb5.git krb_check_auth clears the return value for the schedule parameter with a memset. This prevents callers from using the key schedule, which breaks code ticket: 1730 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15770 dc483132-0cff-0310-8789-dd5450dbe970 --- diff --git a/src/lib/krb4/ChangeLog b/src/lib/krb4/ChangeLog index c3bcc973e6..82a8d2b81e 100644 --- a/src/lib/krb4/ChangeLog +++ b/src/lib/krb4/ChangeLog @@ -1,3 +1,9 @@ +2003-08-15 Alexandra Ellwood + + * mk_auth.c: krb_check_auth clears the return value for the + schedule parameter with a memset. This prevents callers + from using the key schedule, which breaks code. + 2003-08-06 Alexandra Ellwood * configure.in: Don't assume all darwin boxes are powerpc. diff --git a/src/lib/krb4/mk_auth.c b/src/lib/krb4/mk_auth.c index 9159ce177b..cf85ea2f87 100644 --- a/src/lib/krb4/mk_auth.c +++ b/src/lib/krb4/mk_auth.c @@ -230,7 +230,6 @@ krb_check_auth (buf, checksum, msg_data, session, schedule, laddr, faddr) return KFAILURE; cc = krb_rd_priv(buf->dat, (unsigned KRB4_32)buf->length, schedule, (C_Block *)session, faddr, laddr, msg_data); - memset(schedule, 0, sizeof(schedule)); if (cc) return cc;