MITKRB5-SA-2006-003: mechglue argument handling too lax

Fix mechglue argument checks so that output pointers are always initialized regardless of whether the other arguments fail to validate for some reason. This avoids freeing of uninitialized pointers. Initialize the gss_buffer_descs in ovsec_kadmd.c. ticket: new target_version: 1.6 tags: pullup component: krb5-libs git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19043 dc483132-0cff-0310-8789-dd5450dbe970
author: Tom Yu <tlyu@mit.edu> 2007-01-09 19:45:25 +0000
committer: Tom Yu <tlyu@mit.edu> 2007-01-09 19:45:25 +0000
commit: 8a2c04c2a1842d3c1cb7827ad20811b129a6ee7f (patch)
tree: f6272083f3a3644e2c9410792cc20d40da1a70b5 /src/kadmin
parent: 80f701fb42806dc549cf86a83b3aadbdd07d4c6b (diff)
download: krb5-8a2c04c2a1842d3c1cb7827ad20811b129a6ee7f.tar.gz
krb5-8a2c04c2a1842d3c1cb7827ad20811b129a6ee7f.tar.xz
krb5-8a2c04c2a1842d3c1cb7827ad20811b129a6ee7f.zip
1 files changed, 5 insertions, 0 deletions
diff --git a/src/kadmin/server/ovsec_kadmd.c b/src/kadmin/server/ovsec_kadmd.c
index 48fc38daa..afae95a12 100644
--- a/src/kadmin/server/ovsec_kadmd.c
+++ b/src/kadmin/server/ovsec_kadmd.c
@@ -993,6 +993,11 @@ void log_badverf(gss_name_t client_name, gss_name_t server_name,
      int i;
      const char *procname;
 
+     client.length = 0;
+     client.value = NULL;
+     server.length = 0;
+     server.value = NULL;
+
      (void) gss_display_name(&minor, client_name, &client, &gss_type);
      (void) gss_display_name(&minor, server_name, &server, &gss_type);
      if (client.value == NULL)
author	Tom Yu <tlyu@mit.edu>	2007-01-09 19:45:25 +0000
committer	Tom Yu <tlyu@mit.edu>	2007-01-09 19:45:25 +0000
commit	8a2c04c2a1842d3c1cb7827ad20811b129a6ee7f (patch)
tree	f6272083f3a3644e2c9410792cc20d40da1a70b5 /src/kadmin
parent	80f701fb42806dc549cf86a83b3aadbdd07d4c6b (diff)
download	krb5-8a2c04c2a1842d3c1cb7827ad20811b129a6ee7f.tar.gz krb5-8a2c04c2a1842d3c1cb7827ad20811b129a6ee7f.tar.xz krb5-8a2c04c2a1842d3c1cb7827ad20811b129a6ee7f.zip