diff options
| author | Ken Raeburn <raeburn@mit.edu> | 2007-02-24 00:56:23 +0000 |
|---|---|---|
| committer | Ken Raeburn <raeburn@mit.edu> | 2007-02-24 00:56:23 +0000 |
| commit | ed3fa1390f7f70ab62d476dc467042bac3c5a1b6 (patch) | |
| tree | 2c4cd289c8fea1d918e03eee61491a4954650f71 /src/lib/gssapi | |
| parent | 10a8d548b153a3e5eb61b1d8804c73ab815a0e19 (diff) | |
| download | krb5-ed3fa1390f7f70ab62d476dc467042bac3c5a1b6.tar.gz krb5-ed3fa1390f7f70ab62d476dc467042bac3c5a1b6.tar.xz krb5-ed3fa1390f7f70ab62d476dc467042bac3c5a1b6.zip | |
If a reflection is detected, zap the message buffer pointer output
argument as well as actually freeing the buffer. (Found while using
the gsstest option to exercise error conditions.)
ticket: 5445
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19171 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src/lib/gssapi')
| -rw-r--r-- | src/lib/gssapi/krb5/k5unseal.c | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/src/lib/gssapi/krb5/k5unseal.c b/src/lib/gssapi/krb5/k5unseal.c index 30845bd85a..8c999868ef 100644 --- a/src/lib/gssapi/krb5/k5unseal.c +++ b/src/lib/gssapi/krb5/k5unseal.c @@ -457,8 +457,11 @@ kg_unseal_v1(context, minor_status, ctx, ptr, bodysize, message_buffer, if ((ctx->initiate && direction != 0xff) || (!ctx->initiate && direction != 0)) { - if (toktype == KG_TOK_SEAL_MSG) + if (toktype == KG_TOK_SEAL_MSG) { xfree(token.value); + message_buffer->value = NULL; + message_buffer->length = 0; + } *minor_status = G_BAD_DIRECTION; return(GSS_S_BAD_SIG); } |