From 9da1bc9dec8d228b35ef8639832cddc5e477ddf8 Mon Sep 17 00:00:00 2001 From: Simo Sorce Date: Thu, 22 Jan 2015 14:26:23 -0500 Subject: Zero out the outputs of display_name The mechglue expects the mechanism function to zero them in all cases. Otherwise on error it will later try to free the output buffer value which can be an arbitrary pointer. This will cause a segfault or worse in glibc's free(). Signed-off-by: Simo Sorce Reviewed-by: Roland Mainz --- proxy/src/mechglue/gpp_import_and_canon_name.c | 5 +++++ 1 file changed, 5 insertions(+) (limited to 'proxy') diff --git a/proxy/src/mechglue/gpp_import_and_canon_name.c b/proxy/src/mechglue/gpp_import_and_canon_name.c index 727823c..92e6e5d 100644 --- a/proxy/src/mechglue/gpp_import_and_canon_name.c +++ b/proxy/src/mechglue/gpp_import_and_canon_name.c @@ -33,6 +33,11 @@ OM_uint32 gssi_display_name(OM_uint32 *minor_status, struct gpp_name_handle *name; OM_uint32 maj, min = 0; + output_name_buffer->length = 0; + output_name_buffer->value = NULL; + if (output_name_type) + *output_name_type = GSS_C_NO_OID; + GSSI_TRACE(); name = (struct gpp_name_handle *)input_name; -- cgit