Paranoid in checking that we parsed the complete buffer

This commit is contained in:
Love Hornquist Astrand
2009-09-28 20:35:13 -07:00
parent 9680711e30
commit 7fbe96b164

View File

@@ -1644,6 +1644,12 @@ match_ms_upn_san(krb5_context context,
kdc_log(context, config, 0, "Decode of MS-UPN-SAN failed");
goto out;
}
if (size != list.val[0].length) {
free_MS_UPN_SAN(&upn);
kdc_log(context, config, 0, "Trailing data in ");
ret = KRB5_KDC_ERR_CLIENT_NAME_MISMATCH;
goto out;
}
kdc_log(context, config, 0, "found MS UPN SAN: %s", upn);