diff options
author | Greg Hudson <ghudson@mit.edu> | 2012-04-27 17:04:24 +0000 |
---|---|---|
committer | Tom Yu <tlyu@mit.edu> | 2013-01-09 16:34:14 -0500 |
commit | a79e78cdcfa70d48a9357bbe16a3323b899c8219 (patch) | |
tree | 5fa9ddd1b3a2912995a8887fa745ddf9b5499938 | |
parent | 745c0194ee93318cf4d44f6f8ccb7739523d448e (diff) | |
download | krb5-a79e78cdcfa70d48a9357bbe16a3323b899c8219.zip krb5-a79e78cdcfa70d48a9357bbe16a3323b899c8219.tar.gz krb5-a79e78cdcfa70d48a9357bbe16a3323b899c8219.tar.bz2 |
Ensure null termination of AFS salts
Use krb5int_copy_data_contents_add0 when copying a pa-pw-salt or
pa-afs3-salt value in pa_salt(). If it's an afs3-salt, we're going to
throw away the length and use strcspn in krb5int_des_string_to_key,
which isn't safe if the value is unterminated.
(cherry picked from commit f566fee75f2455d6e5e7ee4fcdf5a0d327808639)
ticket: 7537 (new)
version_fixed: 1.10.4
status: resolved
-rw-r--r-- | src/lib/krb5/krb/preauth2.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/src/lib/krb5/krb/preauth2.c b/src/lib/krb5/krb/preauth2.c index d43c20e..625ee4d 100644 --- a/src/lib/krb5/krb/preauth2.c +++ b/src/lib/krb5/krb/preauth2.c @@ -548,7 +548,7 @@ pa_salt(krb5_context context, krb5_kdc_req *request, krb5_pa_data *in_padata, tmp = padata2data(*in_padata); krb5_free_data_contents(context, salt); - retval = krb5int_copy_data_contents(context, &tmp, salt); + retval = krb5int_copy_data_contents_add0(context, &tmp, salt); if (retval) return retval; |