Always initialize the output token in gss_init_sec_context as required

by RFC 2744 section 5.19. The krb5 code did this but the generic code didn't, causing a double-free in OpenSSH. Ticket: 3086 Version_Reported: 1.3.6 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18114 dc483132-0cff-0310-8789-dd5450dbe970
author: Russ Allbery <rra@stanford.edu> 2006-06-12 18:58:01 +0000
committer: Russ Allbery <rra@stanford.edu> 2006-06-12 18:58:01 +0000
commit: d82c7673f86e528c0bb1fc3f69f749ea9cec245c (patch)
tree: 0807cedf14a3acb584a00a865513b3373ff95fbc /src/lib/gssapi
parent: 8ecc2964b53ab51b28f331143ed313eba539f8e3 (diff)
download: krb5-d82c7673f86e528c0bb1fc3f69f749ea9cec245c.tar.gz
krb5-d82c7673f86e528c0bb1fc3f69f749ea9cec245c.tar.xz
krb5-d82c7673f86e528c0bb1fc3f69f749ea9cec245c.zip
1 files changed, 2 insertions, 0 deletions
diff --git a/src/lib/gssapi/mechglue/g_init_sec_context.c b/src/lib/gssapi/mechglue/g_init_sec_context.c
index 4ff47f8994..8f55ac5f4c 100644
--- a/src/lib/gssapi/mechglue/g_init_sec_context.c
+++ b/src/lib/gssapi/mechglue/g_init_sec_context.c
@@ -77,6 +77,8 @@ OM_uint32 *		time_rec;
     gss_cred_id_t	input_cred_handle;
 
     gss_initialize();
+    output_token->length = 0;
+    output_token->value = NULL;
 
     if (context_handle == NULL)
 	return GSS_S_NO_CONTEXT;
author	Russ Allbery <rra@stanford.edu>	2006-06-12 18:58:01 +0000
committer	Russ Allbery <rra@stanford.edu>	2006-06-12 18:58:01 +0000
commit	d82c7673f86e528c0bb1fc3f69f749ea9cec245c (patch)
tree	0807cedf14a3acb584a00a865513b3373ff95fbc /src/lib/gssapi
parent	8ecc2964b53ab51b28f331143ed313eba539f8e3 (diff)
download	krb5-d82c7673f86e528c0bb1fc3f69f749ea9cec245c.tar.gz krb5-d82c7673f86e528c0bb1fc3f69f749ea9cec245c.tar.xz krb5-d82c7673f86e528c0bb1fc3f69f749ea9cec245c.zip