oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

unparse_principal: reject embedded NULs

Browse Source
This commit is contained in:
Nicolas Williams
2019-09-10 21:35:08 -05:00
parent 621c68abea
commit fe5c0a907c
1 changed files with 18 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

21
lib/krb5/principal.c
View File

@@ -279,9 +279,24 @@ krb5_parse_name_flags(krb5_context context,
c = '\t'; c = '\t';
else if (c == 'b') else if (c == 'b')
c = '\b'; c = '\b';
else if (c == '0') else if (c == '0') {
c = '\0'; /*
else if (c == '\0') { * We'll ignore trailing embedded NULs in components and
* realms, but can't support any other embedded NULs.
*/
while (*p) {
if ((*p == '/' || *p == '@') && !got_realm)
break;
if (*(p++) != '\\' || *(p++) != '0') {
ret = KRB5_PARSE_MALFORMED;
krb5_set_error_message(context, ret,
N_("embedded NULs in principal "
"name not supported", ""));
goto exit;
}
}
continue;
} else if (c == '\0') {
ret = KRB5_PARSE_MALFORMED; ret = KRB5_PARSE_MALFORMED;
krb5_set_error_message(context, ret, krb5_set_error_message(context, ret,
N_("trailing \\ in principal name", "")); N_("trailing \\ in principal name", ""));