heimdal/gssapi at cfb32a638e35a8769719d0ebce5545fb9a015ea2 - heimdal - PVV Git

oysteikt/heimdal

Files

History

Joseph Sutton 2a4210b7e9 gsskrb5: CVE-2022-3437 Pass correct length to _gssapi_verify_pad()

We later subtract 8 when calculating the length of the output message
buffer. If padlength is excessively high, this calculation can underflow
and result in a very large positive value.

Now we properly constrain the value of padlength so underflow shouldn't
be possible.

Samba BUG: https://bugzilla.samba.org/show_bug.cgi?id=15134

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

2022-11-15 17:51:45 -06:00

..

gss: remove gss_get_instance()

2022-01-30 14:20:05 -05:00

gsskrb5: CVE-2022-3437 Pass correct length to _gssapi_verify_pad()

2022-11-15 17:51:45 -06:00

gss: Fix UB

2022-11-01 16:10:57 -05:00

Use constant-time memcmp when comparing sensitive buffers

2022-04-30 13:35:52 -04:00

Use constant-time memcmp when comparing sensitive buffers

2022-04-30 13:35:52 -04:00

gss: Fix warnings

2022-01-14 17:39:05 -06:00

gss: _gss_negoex_accept make error const

2022-01-17 15:46:45 +11:00

ChangeLog

switch to utf8 encoding of all files

2008-09-13 08:53:55 +00:00

gen-oid.pl

gss: intern OIDs (#447 )

2018-12-18 23:28:38 -06:00

gss_acquire_cred.3

Fix assorted typos

2018-12-14 17:30:14 -05:00

gss-commands.in

use sl_did_you_mean

2011-11-22 12:18:48 -08:00

gss-token.1

gss-token: implement -m to specify what mech to use.

2020-10-12 21:55:51 +01:00

gss-token.c

gss: Fix gss-token success exit code

2022-10-06 16:42:33 -05:00

gssapi_mech.h

Add stub for gss_acquire_cred_impersonate_name().

2021-10-19 20:45:40 +11:00

gssapi.3

remove trailing whitespace

2011-05-21 11:57:31 -07:00

gssapi.h

remove trailing whitespace

2008-09-13 09:21:03 +00:00

gsstool.c

use sl_did_you_mean

2011-11-22 12:18:48 -08:00

libgssapi-exports.def

gss: remove gss_get_instance()

2022-01-30 14:20:05 -05:00

libgssapi-version.rc

Windows: Rename libgssapi.dll -> gssapi.dll

2010-08-20 13:14:15 -04:00

Makefile.am

gssapi: add dependency on gkrb5_err.h

2022-09-16 16:13:50 -04:00

NTMakefile

Generate .x source files as .c source files

2022-01-05 17:36:24 -06:00

oid.txt

Document OID arcs delegated to Heimdal by SU

2021-03-25 10:38:28 -05:00

test_acquire_cred.c

gss: Fix some test leaks

2020-04-25 21:22:32 -05:00

test_add_store_cred.c

krb5: Improve cccol sub naming; add gss_store_cred_into2()

2020-03-02 17:48:04 -06:00

test_common.c

More fixes for -Werror (GCC 4.6 catches more stuff)

2011-11-02 23:20:55 -05:00

test_common.h

remove trailing whitespace

2008-09-13 09:21:03 +00:00

test_context.c

gss: Fix UB

2022-11-01 16:10:57 -05:00

test_cred.c

gss: SAnon - the Simple Anonymous GSS-API mechanism

2020-04-25 23:19:30 -05:00

test_kcred.c

gss: Workaround valgrind "lifetime not equal" issue

2022-01-18 12:35:26 -06:00

test_names.c

gss: Fix test_names clang-13 build

2022-01-02 21:19:13 -06:00

test_negoex_mech.c

gss: plug leak in test_negoex_mech

2020-03-02 17:16:58 +11:00

test_ntlm.c

Round #2 of scan-build warnings cleanup

2016-11-16 17:03:14 -06:00

test_oid.c

Always perform == or != operation on cmp function result

2021-11-24 22:30:44 -05:00

version-script.map

gss: remove gss_get_instance()

2022-01-30 14:20:05 -05:00