oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

Protect against negative n_ks_tuple values and against randkey returning negative n_keys

Browse Source
This commit is contained in:
Nicolas Williams
2011-07-24 11:08:58 -05:00
parent 95262936c7
commit 11c54cd6c8
2 changed files with 10 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
kadmin/server.c
View File

@@ -395,6 +395,12 @@ kadmind_dispatch(void *kadm_handlep, krb5_boolean initial,
} else if (ret == 0) {
size_t i;
if (n_ks_tuple < 0) {
ret = EOVERFLOW;
krb5_free_principal(contextp->context, princ);
goto fail;
}
if ((ks_tuple = calloc(n_ks_tuple, sizeof (*ks_tuple))) == NULL) {
ret = errno;
krb5_free_principal(contextp->context, princ);