summaryrefslogtreecommitdiffstats
path: root/src/lib/crypto/string_to_key.c
diff options
context:
space:
mode:
authorGreg Hudson <ghudson@mit.edu>2008-11-03 21:05:25 +0000
committerGreg Hudson <ghudson@mit.edu>2008-11-03 21:05:25 +0000
commit65317bca348ba8f6e19f008c06dcf4eb4e65e8a1 (patch)
treebafa804c90911966a8c9503b7c89b86cc9d4ad93 /src/lib/crypto/string_to_key.c
parent361f491af705254ca778dc290e24d72cd2add4fd (diff)
downloadkrb5-65317bca348ba8f6e19f008c06dcf4eb4e65e8a1.tar.gz
krb5-65317bca348ba8f6e19f008c06dcf4eb4e65e8a1.tar.xz
krb5-65317bca348ba8f6e19f008c06dcf4eb4e65e8a1.zip
Apply Apple patch to null out key->contents after freeing on failure,
eliminating the possibility that the pointer will be used after free. ticket: 6247 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20961 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src/lib/crypto/string_to_key.c')
-rw-r--r--src/lib/crypto/string_to_key.c2
1 files changed, 2 insertions, 0 deletions
diff --git a/src/lib/crypto/string_to_key.c b/src/lib/crypto/string_to_key.c
index 03165ab25d..71d9db6501 100644
--- a/src/lib/crypto/string_to_key.c
+++ b/src/lib/crypto/string_to_key.c
@@ -93,6 +93,8 @@ krb5_c_string_to_key_with_params(krb5_context context, krb5_enctype enctype,
if (ret) {
memset(key->contents, 0, keylength);
free(key->contents);
+ key->length = 0;
+ key->contents = NULL;
}
return(ret);