oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

dont entrust sprintf to encode binary packets

Browse Source
This commit is contained in:
Love Hornquist Astrand
2011-12-11 18:08:05 -08:00
parent 35e28dcd5d
commit 2eb0d6ec82
1 changed files with 17 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

29
kpasswd/kpasswdd.c
View File

@@ -123,21 +123,26 @@ make_result (krb5_data *data,
uint16_t result_code,
const char *expl)
{
char *str;
krb5_data_zero (data);
krb5_error_code ret;
krb5_storage *sp;
data->length = asprintf (&str,
"%c%c%s",
(result_code >> 8) & 0xFF,
result_code & 0xFF,
expl);
sp = krb5_storage_emem();
if (sp == NULL) goto out;
ret = krb5_store_uint32(sp, result_code);
if (ret) goto out;
ret = krb5_store_stringz(sp, expl);
if (ret) goto out;
ret = krb5_storage_to_data(sp, data);
if (ret) goto out;
krb5_storage_free(sp);
if (str == NULL) {
krb5_warnx (context, "Out of memory generating error reply");
return 1;
}
data->data = str;
return 0;
out:
if (sp)
krb5_storage_free(sp);
krb5_warnx (context, "Out of memory generating error reply");
return 1;
}
static void