oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity
Files
4aca82c7d0d3b8249fb42e505927e2cbd80df0e3
heimdal/lib/gssapi/krb5
History
Joseph Sutton 4aca82c7d0 gsskrb5: CVE-2022-3437 Check the result of _gsskrb5_get_mech() 
We should make sure that the result of 'total_len - mech_len' won't
overflow, and that we don't memcmp() past the end of the buffer.

Samba BUG: https://bugzilla.samba.org/show_bug.cgi?id=15134

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2022-11-15 17:51:45 -06:00
..
8003.c
Use constant-time memcmp when comparing sensitive buffers
2022-04-30 13:35:52 -04:00
accept_sec_context.c
gsskrb5: Fix dead code issues in deleg cred path
2022-01-17 18:10:08 -06:00
acquire_cred.c
add_cred.c
address_to_krb5addr.c
aeap.c
arcfour.c
gsskrb5: CVE-2022-3437 Use constant-time memcmp() for arcfour unwrap
2022-11-15 17:51:45 -06:00
authorize_localname.c
canonicalize_name.c
ccache_name.c
cfx.c
gss: Fix UB
2022-11-01 16:10:57 -05:00
cfx.h
compare_name.c
compat.c
context_time.c
copy_ccache.c
gsskrb5: Fix coverity issue
2022-01-20 13:28:57 -06:00
creds.c
decapsulate.c
gsskrb5: CVE-2022-3437 Check the result of _gsskrb5_get_mech()
2022-11-15 17:51:45 -06:00
delete_sec_context.c
display_name.c
display_status.c
duplicate_cred.c
duplicate_name.c
encapsulate.c
export_name.c
export_sec_context.c
gssapi/krb5: _gsskrb5_export_sec_context copy/paste error
2022-01-14 23:01:30 -05:00
external.c
gss: Make krb5 name attrs table-driven
2022-01-08 10:38:01 +11:00
get_mic.c
gkrb5_err.et
gsskrb5_locl.h
import_name.c
import_sec_context.c
indicate_mechs.c
init_sec_context.c
rewrite fallthrough to HEIM_FALLTHROUGH to deal with new Apple SDKs
2022-09-16 15:58:45 -04:00
init.c
inquire_context.c
inquire_cred_by_mech.c
inquire_cred_by_oid.c
inquire_cred.c
inquire_mechs_for_name.c
inquire_names_for_mech.c
inquire_sec_context_by_oid.c
name_attrs.c
gsskrb5: Fix dead code in get_transited()
2022-01-17 11:50:16 -06:00
pname_to_uid.c
prf.c
process_context_token.c
release_buffer.c
release_cred.c
release_name.c
sequence.c
set_cred_option.c
set_sec_context_option.c
store_cred.c
gsskrb5: Fix warnings
2022-01-14 17:39:05 -06:00
test_acquire_cred.c
test_cfx.c
test_cred.c
test_kcred.c
gss: Workaround valgrind "lifetime not equal" issue
2022-01-18 12:35:26 -06:00
test_oid.c
test_sequence.c
ticket_flags.c
unwrap.c
gsskrb5: CVE-2022-3437 Don't pass NULL pointers to memcpy() in DES unwrap
2022-11-15 17:51:45 -06:00
verify_mic.c
wrap.c