- fix included in 1.9
This commit is contained in:
parent
96c33d14c4
commit
4ddc28e6c6
@ -1,34 +0,0 @@
|
||||
Candidate fix for CVE-2010-1322.
|
||||
|
||||
diff -up krb5/src/kdc/kdc_authdata.c krb5/src/kdc/kdc_authdata.c
|
||||
--- krb5/src/kdc/kdc_authdata.c 2010-09-22 16:01:55.196827943 -0400
|
||||
+++ krb5/src/kdc/kdc_authdata.c 2010-09-22 16:01:58.282828001 -0400
|
||||
@@ -495,7 +495,7 @@ merge_authdata (krb5_context context,
|
||||
krb5_boolean copy,
|
||||
krb5_boolean ignore_kdc_issued)
|
||||
{
|
||||
- size_t i, nadata = 0;
|
||||
+ size_t i, j, nadata = 0;
|
||||
krb5_authdata **authdata = *out_authdata;
|
||||
|
||||
if (in_authdata == NULL || in_authdata[0] == NULL)
|
||||
@@ -529,16 +529,16 @@ merge_authdata (krb5_context context,
|
||||
in_authdata = tmp;
|
||||
}
|
||||
|
||||
- for (i = 0; in_authdata[i] != NULL; i++) {
|
||||
+ for (i = 0, j = 0; in_authdata[i] != NULL; i++) {
|
||||
if (ignore_kdc_issued &&
|
||||
is_kdc_issued_authdatum(context, in_authdata[i], 0)) {
|
||||
free(in_authdata[i]->contents);
|
||||
free(in_authdata[i]);
|
||||
} else
|
||||
- authdata[nadata + i] = in_authdata[i];
|
||||
+ authdata[nadata + j++] = in_authdata[i];
|
||||
}
|
||||
|
||||
- authdata[nadata + i] = NULL;
|
||||
+ authdata[nadata + j] = NULL;
|
||||
|
||||
free(in_authdata);
|
||||
|
Loading…
Reference in New Issue
Block a user