Drop backport for RT#7643
This commit is contained in:
parent
a2e5f1f872
commit
25fe69d885
@ -1,122 +0,0 @@
|
||||
Needed by tests for empty-password cases.
|
||||
|
||||
commit 1e123231769fe640f446442cb210664d280ccbac
|
||||
Author: Greg Hudson <ghudson@mit.edu>
|
||||
Date: Fri May 24 13:16:52 2013 -0400
|
||||
|
||||
Fix rc4 string-to-key on unterminated inputs
|
||||
|
||||
The internal UTF-8 to UCS-2 conversion functions did not properly
|
||||
respect their length arguments, instead assuming that the input string
|
||||
is terminated with a zero bytes. As a result,
|
||||
krb5int_arcfour_string_to_key could fail on unterminated inputs. Fix
|
||||
the underlying support functions to read their inputs only up to the
|
||||
specified length.
|
||||
|
||||
ticket: 7643 (new)
|
||||
|
||||
diff --git a/src/util/support/utf8_conv.c b/src/util/support/utf8_conv.c
|
||||
index d580bbc..b8bf989 100644
|
||||
--- a/src/util/support/utf8_conv.c
|
||||
+++ b/src/util/support/utf8_conv.c
|
||||
@@ -78,7 +78,8 @@ k5_utf8s_to_ucs2s(krb5_ucs2 *ucs2str,
|
||||
|
||||
/* If input ptr is NULL or empty... */
|
||||
if (utf8str == NULL || *utf8str == '\0') {
|
||||
- *ucs2str = 0;
|
||||
+ if (ucs2str != NULL)
|
||||
+ *ucs2str = 0;
|
||||
|
||||
return 0;
|
||||
}
|
||||
@@ -119,9 +120,7 @@ k5_utf8s_to_ucs2s(krb5_ucs2 *ucs2str,
|
||||
ucs2len++; /* Count number of wide chars stored/required */
|
||||
}
|
||||
|
||||
- assert(ucs2len < count);
|
||||
-
|
||||
- if (ucs2str != NULL) {
|
||||
+ if (ucs2str != NULL && ucs2len < count) {
|
||||
/* Add null terminator if there's room in the buffer. */
|
||||
ucs2str[ucs2len] = 0;
|
||||
}
|
||||
@@ -172,12 +171,13 @@ krb5int_utf8cs_to_ucs2s(const char *utf8s,
|
||||
return ENOMEM;
|
||||
}
|
||||
|
||||
- len = k5_utf8s_to_ucs2s(*ucs2s, utf8s, chars + 1, 0);
|
||||
+ len = k5_utf8s_to_ucs2s(*ucs2s, utf8s, chars, 0);
|
||||
if (len < 0) {
|
||||
free(*ucs2s);
|
||||
*ucs2s = NULL;
|
||||
return EINVAL;
|
||||
}
|
||||
+ (*ucs2s)[chars] = 0;
|
||||
|
||||
if (ucs2chars != NULL) {
|
||||
*ucs2chars = chars;
|
||||
@@ -223,21 +223,23 @@ krb5int_utf8cs_to_ucs2les(const char *utf8s,
|
||||
{
|
||||
ssize_t len;
|
||||
size_t chars;
|
||||
+ krb5_ucs2 *ucs2s;
|
||||
|
||||
- chars = krb5int_utf8c_chars(utf8s, utf8slen);
|
||||
+ *ucs2les = NULL;
|
||||
|
||||
- *ucs2les = (unsigned char *)malloc((chars + 1) * sizeof(krb5_ucs2));
|
||||
- if (*ucs2les == NULL) {
|
||||
+ chars = krb5int_utf8c_chars(utf8s, utf8slen);
|
||||
+ ucs2s = malloc((chars + 1) * sizeof(krb5_ucs2));
|
||||
+ if (ucs2s == NULL)
|
||||
return ENOMEM;
|
||||
- }
|
||||
|
||||
- len = k5_utf8s_to_ucs2s((krb5_ucs2 *)*ucs2les, utf8s, chars + 1, 1);
|
||||
+ len = k5_utf8s_to_ucs2s(ucs2s, utf8s, chars, 1);
|
||||
if (len < 0) {
|
||||
- free(*ucs2les);
|
||||
- *ucs2les = NULL;
|
||||
+ free(ucs2s);
|
||||
return EINVAL;
|
||||
}
|
||||
+ ucs2s[chars] = 0;
|
||||
|
||||
+ *ucs2les = (unsigned char *)ucs2s;
|
||||
if (ucs2leslen != NULL) {
|
||||
*ucs2leslen = chars * sizeof(krb5_ucs2);
|
||||
}
|
||||
@@ -402,13 +404,14 @@ krb5int_ucs2cs_to_utf8s(const krb5_ucs2 *ucs2s,
|
||||
return ENOMEM;
|
||||
}
|
||||
|
||||
- len = k5_ucs2s_to_utf8s(*utf8s, (krb5_ucs2 *)ucs2s,
|
||||
- (size_t)len + 1, (ssize_t)ucs2slen, 0);
|
||||
+ len = k5_ucs2s_to_utf8s(*utf8s, (krb5_ucs2 *)ucs2s, (size_t)len,
|
||||
+ (ssize_t)ucs2slen, 0);
|
||||
if (len < 0) {
|
||||
free(*utf8s);
|
||||
*utf8s = NULL;
|
||||
return EINVAL;
|
||||
}
|
||||
+ (*utf8s)[len] = '\0';
|
||||
|
||||
if (utf8slen != NULL) {
|
||||
*utf8slen = len;
|
||||
@@ -438,13 +441,14 @@ krb5int_ucs2lecs_to_utf8s(const unsigned char *ucs2les,
|
||||
return ENOMEM;
|
||||
}
|
||||
|
||||
- len = k5_ucs2s_to_utf8s(*utf8s, (krb5_ucs2 *)ucs2les,
|
||||
- (size_t)len + 1, (ssize_t)ucs2leslen, 1);
|
||||
+ len = k5_ucs2s_to_utf8s(*utf8s, (krb5_ucs2 *)ucs2les, (size_t)len,
|
||||
+ (ssize_t)ucs2leslen, 1);
|
||||
if (len < 0) {
|
||||
free(*utf8s);
|
||||
*utf8s = NULL;
|
||||
return EINVAL;
|
||||
}
|
||||
+ (*utf8s)[len] = '\0';
|
||||
|
||||
if (utf8slen != NULL) {
|
||||
*utf8slen = len;
|
@ -88,7 +88,6 @@ Patch63: krb5-1.12-selinux-label.patch
|
||||
Patch71: krb5-1.11-dirsrv-accountlock.patch
|
||||
Patch86: krb5-1.9-debuginfo.patch
|
||||
Patch105: krb5-kvno-230379.patch
|
||||
Patch124: krb5-1.11.2-arcfour_short.patch
|
||||
Patch125: krb5-1.11.2-skew1.patch
|
||||
Patch126: krb5-1.11.2-skew2.patch
|
||||
Patch127: krb5-master-test_gss_no_udp.patch
|
||||
@ -317,7 +316,6 @@ ln -s NOTICE LICENSE
|
||||
%patch71 -p1 -b .dirsrv-accountlock %{?_rawbuild}
|
||||
%patch86 -p0 -b .debuginfo
|
||||
%patch105 -p1 -b .kvno
|
||||
%patch124 -p1 -b .arcfour_short
|
||||
%patch125 -p1 -b .skew1
|
||||
%patch126 -p1 -b .skew2
|
||||
%patch127 -p1 -b .test_gss_no_udp
|
||||
@ -1029,6 +1027,7 @@ exit 0
|
||||
- drop backport for RT#7598
|
||||
- drop backport for RT#7172
|
||||
- drop backport for RT#7642
|
||||
- drop backport for RT#7643
|
||||
|
||||
* Wed Oct 16 2013 Nalin Dahyabhai <nalin@redhat.com> - 1.11.3-26
|
||||
- create and own /etc/gss (#1019937)
|
||||
|
Loading…
Reference in New Issue
Block a user