diff options
| author | Greg Hudson <ghudson@mit.edu> | 2014-10-07 20:22:52 -0400 |
|---|---|---|
| committer | Greg Hudson <ghudson@mit.edu> | 2014-10-09 11:35:51 -0400 |
| commit | 68cfc8b4e6338b78dce5a960ce47974a73906fac (patch) | |
| tree | 5d14ec7cfde198e867ea45d528fc7c7e3b166c7a | |
| parent | 319d98bf13e8486f9f378ee47147c9c4bdb15c37 (diff) | |
| download | krb5-68cfc8b4e6338b78dce5a960ce47974a73906fac.tar.gz krb5-68cfc8b4e6338b78dce5a960ce47974a73906fac.tar.xz krb5-68cfc8b4e6338b78dce5a960ce47974a73906fac.zip | |
Use gssalloc_malloc for GSS error tokens
In kg_accept_krb5, use gssalloc_malloc when allocating space for the
error token, since it will be freed with gssalloc_free. Using malloc
can cause heap corruption on Windows. This bug was masked by #1445
before 1.12.
ticket: 8024 (new)
target_version: 1.13.1
tags: pullup
| -rw-r--r-- | src/lib/gssapi/krb5/accept_sec_context.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/src/lib/gssapi/krb5/accept_sec_context.c b/src/lib/gssapi/krb5/accept_sec_context.c index 45e18412b..014d24bda 100644 --- a/src/lib/gssapi/krb5/accept_sec_context.c +++ b/src/lib/gssapi/krb5/accept_sec_context.c @@ -1243,7 +1243,7 @@ fail: toktype = KG_TOK_CTX_ERROR; token.length = g_token_size(mech_used, tmsglen); - token.value = (unsigned char *) xmalloc(token.length); + token.value = gssalloc_malloc(token.length); if (!token.value) goto done; |