diff options
| author | Ben Kaduk <kaduk@mit.edu> | 2013-10-03 13:57:40 -0400 |
|---|---|---|
| committer | Ben Kaduk <kaduk@mit.edu> | 2013-10-04 13:23:30 -0400 |
| commit | 040f621b5071564b6b479e3375c9d63cbd3ee471 (patch) | |
| tree | c0cde8809084958ad835dbe9ab6938eb18300377 /src/kdc | |
| parent | 07d68eec2788bfe80686608813f644838707c168 (diff) | |
| download | krb5-040f621b5071564b6b479e3375c9d63cbd3ee471.zip krb5-040f621b5071564b6b479e3375c9d63cbd3ee471.tar.gz krb5-040f621b5071564b6b479e3375c9d63cbd3ee471.tar.bz2 | |
Zero out stack variables in process_tgs_req()
It is general good hygeine, preventing stack garbage from accidentally
leaking out into other consumers.
Don't bother with variables that are only used in a single place, but
do initialize the 'magic' field of nolrentry before it is used.
Diffstat (limited to 'src/kdc')
| -rw-r--r-- | src/kdc/do_tgs_req.c | 9 |
1 files changed, 5 insertions, 4 deletions
diff --git a/src/kdc/do_tgs_req.c b/src/kdc/do_tgs_req.c index ae5e757..107e2c2 100644 --- a/src/kdc/do_tgs_req.c +++ b/src/kdc/do_tgs_req.c @@ -137,10 +137,10 @@ process_tgs_req(struct server_handle *handle, krb5_data *pkt, krb5_pa_data **e_data = NULL; kdc_realm_t *kdc_active_realm = NULL; - reply.padata = 0; /* For cleanup handler */ - reply_encpart.enc_padata = 0; - enc_tkt_reply.authorization_data = NULL; - + memset(&reply, 0, sizeof(reply)); + memset(&reply_encpart, 0, sizeof(reply_encpart)); + memset(&ticket_reply, 0, sizeof(ticket_reply)); + memset(&enc_tkt_reply, 0, sizeof(enc_tkt_reply)); session_key.contents = NULL; retval = decode_krb5_tgs_req(pkt, &request); @@ -701,6 +701,7 @@ process_tgs_req(struct server_handle *handle, krb5_data *pkt, nolrentry.lr_type = KRB5_LRQ_NONE; nolrentry.value = 0; + nolrentry.magic = 0; nolrarray[0] = &nolrentry; nolrarray[1] = 0; reply_encpart.last_req = nolrarray; /* not available for TGS reqs */ |