diff options
| author | Greg Hudson <ghudson@mit.edu> | 2012-07-08 00:25:06 -0400 |
|---|---|---|
| committer | Greg Hudson <ghudson@mit.edu> | 2012-07-08 00:25:06 -0400 |
| commit | f74fa6199f328c837f452fe6a4ca9e5242484b3e (patch) | |
| tree | 2f74d729caa5314d756991aae077450dac25974c /src | |
| parent | bc345d84e0b3c56a057a92ca76216d8af133b5f9 (diff) | |
| download | krb5-f74fa6199f328c837f452fe6a4ca9e5242484b3e.tar.gz krb5-f74fa6199f328c837f452fe6a4ca9e5242484b3e.tar.xz krb5-f74fa6199f328c837f452fe6a4ca9e5242484b3e.zip | |
Reject extra realm separators in principal names
Commit f609e5caff410cc8f71db7d95b4da219541437db accidentally omitted
the check for extra realm separators, leading to an assertion error
when parsing x@y@z or similar. Restore the check.
Diffstat (limited to 'src')
| -rw-r--r-- | src/lib/krb5/krb/parse.c | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/src/lib/krb5/krb/parse.c b/src/lib/krb5/krb/parse.c index cf3cce9d0d..613e41d1ff 100644 --- a/src/lib/krb5/krb/parse.c +++ b/src/lib/krb5/krb/parse.c @@ -79,6 +79,8 @@ allocate_princ(krb5_context context, const char *name, krb5_boolean enterprise, } else if (*p == '@' && (!enterprise || !first_at)) { /* Realm separator. In enterprise principals, the first one of * these we see is part of the component. */ + if (cur_data == &princ->realm) + return KRB5_PARSE_MALFORMED; cur_data = &princ->realm; } else { /* Component or realm character, possibly quoted. Make note if |