krb5/CVE-2007-4000.patch

23 lines
637 B
Diff

*** src/lib/kadm5/srv/svr_policy.c (revision 20254)
--- src/lib/kadm5/srv/svr_policy.c (local)
***************
*** 211,218 ****
if((mask & KADM5_POLICY))
return KADM5_BAD_MASK;
! ret = krb5_db_get_policy(handle->context, entry->policy, &p, &cnt);
! if( ret && (cnt==0) )
return KADM5_UNK_POLICY;
if ((mask & KADM5_PW_MAX_LIFE))
--- 211,219 ----
if((mask & KADM5_POLICY))
return KADM5_BAD_MASK;
! if ((ret = krb5_db_get_policy(handle->context, entry->policy, &p, &cnt)))
! return ret;
! if (cnt != 1)
return KADM5_UNK_POLICY;
if ((mask & KADM5_PW_MAX_LIFE))