diff options
| author | Greg Hudson <ghudson@mit.edu> | 2012-03-31 00:38:20 +0000 |
|---|---|---|
| committer | Greg Hudson <ghudson@mit.edu> | 2012-03-31 00:38:20 +0000 |
| commit | c49954a13ec5ebfecc20b25f68649983522adb03 (patch) | |
| tree | 998cb1bc55110c7a1b141c9ca3fa6badd8deb40c /src/lib | |
| parent | 4ce0974b4d5c37b22ceedb5aa7115eedcfc486ef (diff) | |
Fix data handling in rd_req_decoded_opt
We shouldn't peer at trans->tr_contents.data[0] if
trans->tr_contents.length is 0, even if the data field is non-null.
Harmless as long as the ASN.1 decoder uses null data fields for empty
krb5_data values, but still wrong.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25797 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src/lib')
| -rw-r--r-- | src/lib/krb5/krb/rd_req_dec.c | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/src/lib/krb5/krb/rd_req_dec.c b/src/lib/krb5/krb/rd_req_dec.c index 261ac4619..fd3f9f780 100644 --- a/src/lib/krb5/krb/rd_req_dec.c +++ b/src/lib/krb5/krb/rd_req_dec.c @@ -330,7 +330,7 @@ rd_req_decoded_opt(krb5_context context, krb5_auth_context *auth_context, krb5_transited *trans = &(req->ticket->enc_part2->transited); /* If the transited list is empty, then we have at most one hop */ - if (trans->tr_contents.data && trans->tr_contents.data[0]) + if (trans->tr_contents.length > 0 && trans->tr_contents.data[0]) retval = KRB5KRB_AP_ERR_ILL_CR_TKT; } @@ -351,7 +351,7 @@ rd_req_decoded_opt(krb5_context context, krb5_auth_context *auth_context, * So we also have to check that the client's realm is the local one */ krb5_get_default_realm(context, &lrealm); - if ((trans->tr_contents.data && trans->tr_contents.data[0]) || + if ((trans->tr_contents.length > 0 && trans->tr_contents.data[0]) || !data_eq_string(*realm, lrealm)) { retval = KRB5KRB_AP_ERR_ILL_CR_TKT; } @@ -374,7 +374,7 @@ rd_req_decoded_opt(krb5_context context, krb5_auth_context *auth_context, * transited are within the hierarchy between the client's realm * and the local realm. */ - if (trans->tr_contents.data && trans->tr_contents.data[0]) { + if (trans->tr_contents.length > 0 && trans->tr_contents.data[0]) { retval = krb5_check_transited_list(context, &(trans->tr_contents), realm, krb5_princ_realm (context,server)); |