oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

Don't require NUL term. in gss_add_cred_with_pw

Browse Source
This commit is contained in:
Nicolas Williams
2015-04-13 18:31:16 -05:00
parent 7da08a658b
commit 67af588bce
1 changed files with 12 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
lib/gssapi/krb5/acquire_cred.c
View File

@@ -165,14 +165,20 @@ static OM_uint32 acquire_initiator_cred
goto end;
if (credential_type != GSS_C_NO_OID &&
gss_oid_equal(credential_type, GSS_C_CRED_PASSWORD)) {
gss_buffer_t password = (gss_buffer_t)credential_data;
gss_buffer_t pwbuf = (gss_buffer_t)credential_data;
char *pw;
/* XXX are we requiring password to be NUL terminated? */
/* Add possibly-missing NUL terminator */
pw = strndup(pwbuf->value, pwbuf->length);
if (pw == NULL) {
kret = krb5_enomem(context);
goto end;
}
kret = krb5_get_init_creds_password(context, &cred,
handle->principal,
password->value,
NULL, NULL, 0, NULL, opt);
kret = krb5_get_init_creds_password(context, &cred,
handle->principal, pw,
NULL, NULL, 0, NULL, opt);
free(pw);
} else {
kret = get_keytab(context, &keytab);
if (kret) {