diff --git a/lib/gssapi/krb5/cfx.c b/lib/gssapi/krb5/cfx.c index 8d806f9fb..4ef7d0110 100644 --- a/lib/gssapi/krb5/cfx.c +++ b/lib/gssapi/krb5/cfx.c @@ -1623,7 +1623,10 @@ OM_uint32 _gssapi_mic_cfx(OM_uint32 *minor_status, return GSS_S_FAILURE; } - memcpy(buf, message_buffer->value, message_buffer->length); + if (message_buffer->length) + memcpy(buf, message_buffer->value, message_buffer->length); + else + memset(buf, 0, len); token = (gss_cfx_mic_token)(buf + message_buffer->length); token->TOK_ID[0] = 0x04; @@ -1773,7 +1776,8 @@ OM_uint32 _gssapi_verify_mic_cfx(OM_uint32 *minor_status, *minor_status = ENOMEM; return GSS_S_FAILURE; } - memcpy(buf, message_buffer->value, message_buffer->length); + if (message_buffer->length) + memcpy(buf, message_buffer->value, message_buffer->length); memcpy(buf + message_buffer->length, token, sizeof(*token)); ret = krb5_verify_checksum(context, ctx->crypto, diff --git a/lib/gssapi/mech/gss_utils.c b/lib/gssapi/mech/gss_utils.c index bb7e61939..88d79dd40 100644 --- a/lib/gssapi/mech/gss_utils.c +++ b/lib/gssapi/mech/gss_utils.c @@ -190,7 +190,10 @@ void _gss_mg_decode_le_uint32(const void *ptr, uint32_t *n) { const uint8_t *p = ptr; - *n = (p[0] << 0) | (p[1] << 8) | (p[2] << 16) | (p[3] << 24); + *n = ((uint32_t)p[0] << 0) + | ((uint32_t)p[1] << 8) + | ((uint32_t)p[2] << 16) + | ((uint32_t)p[3] << 24); } void diff --git a/lib/gssapi/test_context.c b/lib/gssapi/test_context.c index 7446d15e0..907e9c4d2 100644 --- a/lib/gssapi/test_context.c +++ b/lib/gssapi/test_context.c @@ -734,17 +734,29 @@ wrapunwrap_iov(gss_ctx_id_t cctx, gss_ctx_id_t sctx, int flags, gss_OID mechoid) token.data = emalloc(token.length); p = token.data; - memcpy(p, iov[0].buffer.value, iov[0].buffer.length); + + if (iov[0].buffer.length) + memcpy(p, iov[0].buffer.value, iov[0].buffer.length); p += iov[0].buffer.length; - memcpy(p, iov[1].buffer.value, iov[1].buffer.length); + + if (iov[1].buffer.length) + memcpy(p, iov[1].buffer.value, iov[1].buffer.length); p += iov[1].buffer.length; - memcpy(p, iov[2].buffer.value, iov[2].buffer.length); + + if (iov[2].buffer.length) + memcpy(p, iov[2].buffer.value, iov[2].buffer.length); p += iov[2].buffer.length; - memcpy(p, iov[3].buffer.value, iov[3].buffer.length); + + if (iov[3].buffer.length) + memcpy(p, iov[3].buffer.value, iov[3].buffer.length); p += iov[3].buffer.length; - memcpy(p, iov[4].buffer.value, iov[4].buffer.length); + + if (iov[4].buffer.length) + memcpy(p, iov[4].buffer.value, iov[4].buffer.length); p += iov[4].buffer.length; - memcpy(p, iov[5].buffer.value, iov[5].buffer.length); + + if (iov[5].buffer.length) + memcpy(p, iov[5].buffer.value, iov[5].buffer.length); p += iov[5].buffer.length; assert(p - ((unsigned char *)token.data) == token.length); @@ -1336,7 +1348,7 @@ main(int argc, char **argv) if (out1.length != out2.length) errx(1, "prf len mismatch"); - if (memcmp(out1.value, out2.value, out1.length) != 0) + if (out1.length && memcmp(out1.value, out2.value, out1.length) != 0) errx(1, "prf data mismatch"); gss_release_buffer(&min_stat, &out1); @@ -1346,7 +1358,7 @@ main(int argc, char **argv) if (out1.length != out2.length) errx(1, "prf len mismatch"); - if (memcmp(out1.value, out2.value, out1.length) != 0) + if (out1.length && memcmp(out1.value, out2.value, out1.length) != 0) errx(1, "prf data mismatch"); gss_release_buffer(&min_stat, &out1);