oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

heimdal: Initialise KDC reply

Browse Source 
The reply structure was not being zero-initialised in all cases, leading
to crashes or possible heap corruption on error paths when we later
freed it.

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
This commit is contained in:
Joseph Sutton
2021-12-01 12:52:08 +13:00
committed by Luke Howard
parent 83625d349e
commit d2dc61c720
1 changed files with 1 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
lib/krb5/get_cred.c
View File

@@ -423,7 +423,7 @@ get_cred_kdc(krb5_context context,
TGS_REQ req; TGS_REQ req;
krb5_data enc; krb5_data enc;
krb5_data resp; krb5_data resp;
krb5_kdc_rep rep; krb5_kdc_rep rep = {0};
KRB_ERROR error; KRB_ERROR error;
krb5_error_code ret; krb5_error_code ret;
unsigned nonce; unsigned nonce;
@@ -543,7 +543,6 @@ get_cred_kdc(krb5_context context,
if(ret) if(ret)
goto out; goto out;
memset(&rep, 0, sizeof(rep));
if(decode_TGS_REP(resp.data, resp.length, &rep.kdc_rep, &len) == 0) { if(decode_TGS_REP(resp.data, resp.length, &rep.kdc_rep, &len) == 0) {
unsigned eflags = 0; unsigned eflags = 0;