summaryrefslogtreecommitdiffstats
path: root/src
diff options
context:
space:
mode:
authorGreg Hudson <ghudson@mit.edu>2014-01-18 13:03:32 -0500
committerGreg Hudson <ghudson@mit.edu>2014-01-18 13:03:32 -0500
commita44945dfa6502d4cd99943b2448ada389bc22b73 (patch)
tree68899f19e51fc2b1aba49c596766109c2248cbb2 /src
parent6f8d5135334c9ddb674f9824e750872b3b0642ea (diff)
downloadkrb5-a44945dfa6502d4cd99943b2448ada389bc22b73.tar.gz
krb5-a44945dfa6502d4cd99943b2448ada389bc22b73.tar.xz
krb5-a44945dfa6502d4cd99943b2448ada389bc22b73.zip
Fix gss_pseudo_random leak on zero length output
Nobody is likely to ever ask for zero bytes of output from gss_pseudo_random, but if they do, just return an empty buffer without allocating. Otherwise we leak memory because gss_release_buffer doesn't do anything to buffers with length 0. ticket: 7838 (new)
Diffstat (limited to 'src')
-rw-r--r--src/lib/gssapi/krb5/prf.c3
1 files changed, 3 insertions, 0 deletions
diff --git a/src/lib/gssapi/krb5/prf.c b/src/lib/gssapi/krb5/prf.c
index a0fbcdab0f..bfca89b4c6 100644
--- a/src/lib/gssapi/krb5/prf.c
+++ b/src/lib/gssapi/krb5/prf.c
@@ -81,6 +81,9 @@ krb5_gss_pseudo_random(OM_uint32 *minor_status,
goto cleanup;
}
+ if (desired_output_len == 0)
+ return GSS_S_COMPLETE;
+
prf_out->value = k5alloc(desired_output_len, &code);
if (prf_out->value == NULL) {
code = KG_INPUT_TOO_LONG;