diff options
| author | Alexandra Ellwood <lxs@mit.edu> | 2008-03-10 19:13:07 +0000 |
|---|---|---|
| committer | Alexandra Ellwood <lxs@mit.edu> | 2008-03-10 19:13:07 +0000 |
| commit | 4c14c400777b12193a842f3eb050ff7c14a65e94 (patch) | |
| tree | 3820cf45c5c4bc330e82fc736a7a074093afb66e /src/ccapi | |
| parent | 0d072b06dc3877a03946680456e56d4b6fca1720 (diff) | |
| download | krb5-4c14c400777b12193a842f3eb050ff7c14a65e94.tar.gz krb5-4c14c400777b12193a842f3eb050ff7c14a65e94.tar.xz krb5-4c14c400777b12193a842f3eb050ff7c14a65e94.zip | |
CCAPI v2 support crash when client or server strings are NULL
The CCAPI v2 support will crash if passed in a krb5 credential with
the client or server principal strings set to NULL. Since CCAPI v3+
support checks for this we should check in CCAPI v2.
ticket: new
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20260 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src/ccapi')
| -rw-r--r-- | src/ccapi/common/cci_cred_union.c | 34 |
1 files changed, 25 insertions, 9 deletions
diff --git a/src/ccapi/common/cci_cred_union.c b/src/ccapi/common/cci_cred_union.c index 902013dec1..ae99f88b89 100644 --- a/src/ccapi/common/cci_cred_union.c +++ b/src/ccapi/common/cci_cred_union.c @@ -871,13 +871,21 @@ cc_uint32 cci_credentials_union_to_cred_union (const cc_credentials_union *in_c } if (!err) { - compat_v5creds->client = strdup (v5creds->client); - if (!compat_v5creds->client) { err = cci_check_error (ccErrNoMem); } + if (!v5creds->client) { + err = cci_check_error (ccErrBadParam); + } else { + compat_v5creds->client = strdup (v5creds->client); + if (!compat_v5creds->client) { err = cci_check_error (ccErrNoMem); } + } } if (!err) { - compat_v5creds->server = strdup (v5creds->server); - if (!compat_v5creds->server) { err = cci_check_error (ccErrNoMem); } + if (!v5creds->server) { + err = cci_check_error (ccErrBadParam); + } else { + compat_v5creds->server = strdup (v5creds->server); + if (!compat_v5creds->server) { err = cci_check_error (ccErrNoMem); } + } } if (!err) { @@ -987,13 +995,21 @@ cc_uint32 cci_cred_union_to_credentials_union (const cred_union *in_cred_un } if (!err) { - v5creds->client = strdup (compat_v5creds->client); - if (!v5creds->client) { err = cci_check_error (ccErrNoMem); } + if (!compat_v5creds->client) { + err = cci_check_error (ccErrBadParam); + } else { + v5creds->client = strdup (compat_v5creds->client); + if (!v5creds->client) { err = cci_check_error (ccErrNoMem); } + } } if (!err) { - v5creds->server = strdup (compat_v5creds->server); - if (!v5creds->server) { err = cci_check_error (ccErrNoMem); } + if (!compat_v5creds->server) { + err = cci_check_error (ccErrBadParam); + } else { + v5creds->server = strdup (compat_v5creds->server); + if (!v5creds->server) { err = cci_check_error (ccErrNoMem); } + } } if (!err) { @@ -1077,7 +1093,7 @@ cc_uint32 cci_cred_union_compare_to_credentials_union (const cred_union } } else if (in_cred_union_compat->cred_type == CC_CRED_V5 && - in_credentials_union->version == cc_credentials_v5) { + in_credentials_union->version == cc_credentials_v5) { cc_credentials_v5_compat *old_creds_v5 = in_cred_union_compat->cred.pV5Cred; cc_credentials_v5_t *new_creds_v5 = in_credentials_union->credentials.credentials_v5; |