rocket-tools/riscv-gnu-toolchain/qemu/roms/edk2/CryptoPkg/Library/OpensslLib/openssl/krb5.git - Unnamed repository; edit this file 'description' to name the repository.

diff options

author	Greg Hudson <ghudson@mit.edu>	2017-11-11 13:42:28 -0500
committer	Greg Hudson <ghudson@mit.edu>	2017-11-22 11:26:07 -0500
commit	b70ef60b1290ff6b6a028ac51ee761222e083720 (patch)
tree	17cd7e73a25c2e0a732b7355e27e6c5fe6974264 /src/lib/gssapi/mechglue/g_unseal.c
parent	5bae4fe119e22accab3d9045a9524530995596e9 (diff)
download	krb5-krb5-1.14.zip krb5-krb5-1.14.tar.gz krb5-krb5-1.14.tar.bz2

Length check when parsing GSS token encapsulationkrb5-1.14

gssint_get_mech_type_oid() is used by gss_accept_sec_context() to determine the mechanism of the token. Without length checking, it might read a few bytes past the end of the input token buffer. Add length checking as well as test cases for truncated encapsulations. Reported by Bar Katz. (cherry picked from commit f949e990f930f48df1f108fe311c58ae3da18b24) ticket: 8620 version_fixed: 1.14.7

Diffstat (limited to 'src/lib/gssapi/mechglue/g_unseal.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: