]> git.ipfire.org Git - thirdparty/krb5.git/commit
projects / thirdparty / krb5.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: f712fa5) | patch
Fix input length checking in SPNEGO DER decoding 1098/head
authorGreg Hudson <ghudson@mit.edu>
Tue, 28 Jul 2020 16:58:26 +0000 (12:58 -0400)
committerGreg Hudson <ghudson@mit.edu>
Wed, 9 Sep 2020 20:34:44 +0000 (16:34 -0400)
commit64f4b75a22212681ca293f8f09ddd24b0244d5b4
tree9c51b377ea34fad65a2568467f382459a0ebba16tree
parentf712fa5a94438096d3c2449babe4aca9c17d7febcommit | diff
Fix input length checking in SPNEGO DER decoding

In get_mech_set(), check the length before reading the first byte, and
decrease the length by the tag byte when reading and verifying the
sequence length.

In get_req_flags(), check the length before reading the first byte,
and check the context tag length after decoding it.

ticket: 8933 (new)
tags: pullup
target_version: 1.18-next
target_version: 1.17-next
src/lib/gssapi/spnego/spnego_mech.c diff | blob | blame | history
Mirror of https://github.com/krb5/krb5.git