diff options
| author | Greg Hudson <ghudson@mit.edu> | 2014-05-21 12:03:00 -0400 |
|---|---|---|
| committer | Greg Hudson <ghudson@mit.edu> | 2014-05-24 11:11:33 -0400 |
| commit | 0bf18fd4363f9f1244688daac224bd456bf52e7f (patch) | |
| tree | 90ae0d81e9b198f154065037639447155cab8d46 /src/lib/gssapi/mechglue | |
| parent | f4fce5afd8c4bb5e46aa7041f10118026c5152f0 (diff) | |
| download | krb5-0bf18fd4363f9f1244688daac224bd456bf52e7f.tar.gz krb5-0bf18fd4363f9f1244688daac224bd456bf52e7f.tar.xz krb5-0bf18fd4363f9f1244688daac224bd456bf52e7f.zip | |
Improve pointer hygiene around gss_display_name
GSSAPI functions are responsible for setting their output parameters
on failure. Take greater care to do so in krb5_gss_display_name.
The mechglue is generally defensive about initializing variables used
as outputs, and not assuming that mechs will set them on failure.
Make gssint_convert_name_to_union_name initialize
union_name->external_name before calling mech->gss_display_name, so
that if the mech's gss_display_name doesn't touch it, we don't free an
uninitialized pointer.
Either one of these changes prevents an unlikely memory bug which
could occur if krb5_gss_init_context fails within
krb5_gss_display_name when called from
gssint_convert_name_to_union_name.
ticket: 7915 (new)
target_version: 1.12.2
Diffstat (limited to 'src/lib/gssapi/mechglue')
| -rw-r--r-- | src/lib/gssapi/mechglue/g_glue.c | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/src/lib/gssapi/mechglue/g_glue.c b/src/lib/gssapi/mechglue/g_glue.c index e438a032c..4aa3591a0 100644 --- a/src/lib/gssapi/mechglue/g_glue.c +++ b/src/lib/gssapi/mechglue/g_glue.c @@ -647,6 +647,8 @@ OM_uint32 gssint_convert_name_to_union_name(minor_status, mech, major_status = GSS_S_FAILURE; goto allocation_failure; } + union_name->external_name->length = 0; + union_name->external_name->value = NULL; major_status = mech->gss_display_name(minor_status, internal_name, |