oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

kdc: Don’t use uninitialized variable

Browse Source 
The call to free_KDCDHKeyInfo(), further down, could have caused heap
corruption.

Found by Coverity (Samba CID 1544611).

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
This commit is contained in:
Joseph Sutton
2023-09-18 09:09:23 +12:00
committed by Nico Williams
parent 6f73fd8206
commit f8ba91164c
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
kdc/pkinit.c
View File

@@ -1045,9 +1045,9 @@ pk_mk_pa_reply_dh(krb5_context context,
unsigned char *p; unsigned char *p;
ret = _kdc_serialize_ecdh_key(context, cp->u.ecdh.key, &p, ret = _kdc_serialize_ecdh_key(context, cp->u.ecdh.key, &p,
&dh_info.subjectPublicKey.length); &dh_info.subjectPublicKey.length);
dh_info.subjectPublicKey.data = p;
if (ret) if (ret)
goto out; goto out;
dh_info.subjectPublicKey.data = p;
} else } else
krb5_abortx(context, "no keyex selected ?"); krb5_abortx(context, "no keyex selected ?");