]> git.ipfire.org Git - thirdparty/krb5.git/commit
projects / thirdparty / krb5.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: d016822) | patch
Check princ length in krb5_sname_match()
authorGreg Hudson <ghudson@mit.edu>
Thu, 12 May 2016 20:03:06 +0000 (16:03 -0400)
committerGreg Hudson <ghudson@mit.edu>
Thu, 26 May 2016 15:47:22 +0000 (11:47 -0400)
commitfb9fcfa92fd37221c77e1a4c0b930383e6839e22
treec06fb8aa5b69faa30088dd7b6489e0d5aff1f071tree
parentd0168227a062bc70b1ec04295cdaa512c33c2233commit | diff
Check princ length in krb5_sname_match()

krb5_sname_match() can read past the end of princ's component array in
some circumstances (typically when a keytab contains both "x" and
"x/y" principals).  Add a length check.  Reported by Spencer Jackson.

ticket: 8415
target_version: 1.14-next
target_version: 1.13-next
tags: pullup
src/lib/krb5/krb/sname_match.c diff | blob | blame | history
Mirror of https://github.com/krb5/krb5.git