diff options
| author | Ezra Peisach <epeisach@mit.edu> | 2003-05-22 17:31:57 +0000 |
|---|---|---|
| committer | Ezra Peisach <epeisach@mit.edu> | 2003-05-22 17:31:57 +0000 |
| commit | aed25fe148d68ca2302a3c69e68d15642f060ac1 (patch) | |
| tree | 4a302d712ba5bee2052f64e8f604b6f34f145a38 /src/lib | |
| parent | e0fdd6bd7cb7277bf4fcd38c102ce06930f293a9 (diff) | |
| download | krb5-aed25fe148d68ca2302a3c69e68d15642f060ac1.tar.gz krb5-aed25fe148d68ca2302a3c69e68d15642f060ac1.tar.xz krb5-aed25fe148d68ca2302a3c69e68d15642f060ac1.zip | |
Cross realm checks can check beyond end of buffer
* keytab.c (is_xrealm_tgt): Use strncmp instead of strcmp - as
principal and realm name do not need to be null terminated.
ticket: new
tags: pullup
target_version: 1.3
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15466 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src/lib')
| -rw-r--r-- | src/lib/kdb/ChangeLog | 5 | ||||
| -rw-r--r-- | src/lib/kdb/keytab.c | 2 |
2 files changed, 6 insertions, 1 deletions
diff --git a/src/lib/kdb/ChangeLog b/src/lib/kdb/ChangeLog index de4ff5a5eb..87f60aad91 100644 --- a/src/lib/kdb/ChangeLog +++ b/src/lib/kdb/ChangeLog @@ -1,3 +1,8 @@ +2003-05-22 Ezra Peisach <epeisach@mit.edu> + + * keytab.c (is_xrealm_tgt): Use strncmp instead of strcmp - as + principal and realm name do not need to be null terminated. + 2003-04-01 Tom Yu <tlyu@mit.edu> * Makefile.in: Remove $(SHLIB_DBLIB_DEPS) and related variables. diff --git a/src/lib/kdb/keytab.c b/src/lib/kdb/keytab.c index 90a81cac84..5db382cc25 100644 --- a/src/lib/kdb/keytab.c +++ b/src/lib/kdb/keytab.c @@ -217,7 +217,7 @@ is_xrealm_tgt(krb5_context context, krb5_const_principal princ) dat = krb5_princ_component(context, princ, 1); if (dat->length != princ->realm.length) return 1; - if (strcmp(dat->data, princ->realm.data) == 0) + if (strncmp(dat->data, princ->realm.data, dat->length) == 0) return 0; return 1; |