oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

bound data returned to size of buffer

Browse Source
This commit is contained in:
Love Hornquist Astrand
2012-11-27 21:48:50 -08:00
parent 764e701e2d
commit 50055fe3c4
1 changed files with 4 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
lib/krb5/changepw.c
View File

@@ -302,6 +302,10 @@ process_reply (krb5_context context,
_krb5_get_int(reply, &size, 4);
if (size + 4 < len)
continue;
if (sizeof(reply) - 4 < size) {
krb5_set_error_message(context, ERANGE, "size from server too large %s", host);
return ERANGE;
}
memmove(reply, reply + 4, size);
len = size;
break;