diff options
author | Robbie Harwood <rharwood@redhat.com> | 2017-04-19 17:39:28 +0000 |
---|---|---|
committer | Robbie Harwood <rharwood@redhat.com> | 2017-04-19 17:49:45 +0000 |
commit | 21848ec3e1a0d4a00ed0f4ff467c3b37ec97d395 (patch) | |
tree | 3b55b87910c4a134b8187da3998092641e17af4a /Correct-error-handling-bug-in-prior-commit.patch | |
parent | 291b968871e72c24382a700453618ec50abc25b3 (diff) | |
download | krb5-21848ec3e1a0d4a00ed0f4ff467c3b37ec97d395.tar.gz krb5-21848ec3e1a0d4a00ed0f4ff467c3b37ec97d395.tar.xz krb5-21848ec3e1a0d4a00ed0f4ff467c3b37ec97d395.zip |
Update backports of certauth and corresponding test
Diffstat (limited to 'Correct-error-handling-bug-in-prior-commit.patch')
-rw-r--r-- | Correct-error-handling-bug-in-prior-commit.patch | 32 |
1 files changed, 32 insertions, 0 deletions
diff --git a/Correct-error-handling-bug-in-prior-commit.patch b/Correct-error-handling-bug-in-prior-commit.patch new file mode 100644 index 0000000..95b41e5 --- /dev/null +++ b/Correct-error-handling-bug-in-prior-commit.patch @@ -0,0 +1,32 @@ +From edb91a5cafe2380209e5d482062dfdd608b23772 Mon Sep 17 00:00:00 2001 +From: Greg Hudson <ghudson@mit.edu> +Date: Thu, 23 Mar 2017 13:42:55 -0400 +Subject: [PATCH] Correct error handling bug in prior commit + +In crypto_encode_der_cert(), if the second i2d_X509() invocation +fails, make sure to free the allocated pointer and not the +possibly-modified alias. + +ticket: 8561 +(cherry picked from commit 7fdaef7c3280c86b5df25ae061fb04cc56d8620c) +--- + src/plugins/preauth/pkinit/pkinit_crypto_openssl.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c b/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c +index a5b010b26..90c30dbf5 100644 +--- a/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c ++++ b/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c +@@ -6196,10 +6196,10 @@ crypto_encode_der_cert(krb5_context context, pkinit_req_crypto_context reqctx, + if (len <= 0) + return EINVAL; + p = der = malloc(len); +- if (p == NULL) ++ if (der == NULL) + return ENOMEM; + if (i2d_X509(reqctx->received_cert, &p) <= 0) { +- free(p); ++ free(der); + return EINVAL; + } + *der_out = der; |