diff options
author | Jakub Hrozek <jhrozek@redhat.com> | 2017-03-29 22:49:09 +0200 |
---|---|---|
committer | Lukas Slebodnik <lslebodn@redhat.com> | 2017-03-30 18:20:19 +0200 |
commit | 7d73049884e3a96ca3b00b5bd4104f4edd6287ab (patch) | |
tree | 828845f30539759c7d1e0ac0a9eb9565df88511c /src/util/tev_curl.h | |
parent | 861ab44e8148208425b67c4711bc8fade10fd3ed (diff) | |
download | sssd-7d73049884e3a96ca3b00b5bd4104f4edd6287ab.tar.gz sssd-7d73049884e3a96ca3b00b5bd4104f4edd6287ab.tar.xz sssd-7d73049884e3a96ca3b00b5bd4104f4edd6287ab.zip |
KCM: Fix off-by-one error in secrets key parsing
When parsing the secrets key, the code tried to protect against malformed keys
or keys that are too short, but it did an error - the UUID stringified
form is 36 bytes long, so the UUID_STR_SIZE is 37 because UUID_STR_SIZE
accounts for the null terminator.
But the code, that was trying to assert that there are two characters after
the UUID string (separator and at least a single character for the name)
didn't take the NULL terminator (which strlen() doesn't return) into
account and ended up rejecting all ccaches whose name is only a single
character.
Reviewed-by: Fabiano FidĂȘncio <fidencio@redhat.com>
Diffstat (limited to 'src/util/tev_curl.h')
0 files changed, 0 insertions, 0 deletions