Go to:
Gentoo Home
Documentation
Forums
Lists
Bugs
Planet
Store
Wiki
Get Gentoo!
Gentoo's Bugzilla – Attachment 249737 Details for
Bug 339866
<app-crypt/mit-krb5-1.8.3-r1: Uninitialized pointer in authorization data handling DoS (CVE-2010-1322)
Home
|
New
–
[Ex]
|
Browse
|
Search
|
Privacy Policy
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
CVE-2010-1322.patch
CVE-2010-1322.patch (text/plain), 1.04 KB, created by
Eray Aslan
on 2010-10-06 11:45:34 UTC
(
hide
)
Description:
CVE-2010-1322.patch
Filename:
MIME Type:
Creator:
Eray Aslan
Created:
2010-10-06 11:45:34 UTC
Size:
1.04 KB
patch
obsolete
>diff --git a/src/kdc/kdc_authdata.c b/src/kdc/kdc_authdata.c >index b5de64d..cc44e29 100644 >--- a/src/kdc/kdc_authdata.c >+++ b/src/kdc/kdc_authdata.c >@@ -495,7 +495,7 @@ merge_authdata (krb5_context context, > krb5_boolean copy, > krb5_boolean ignore_kdc_issued) > { >- size_t i, nadata = 0; >+ size_t i, j, nadata = 0; > krb5_authdata **authdata = *out_authdata; > > if (in_authdata == NULL || in_authdata[0] == NULL) >@@ -529,16 +529,16 @@ merge_authdata (krb5_context context, > in_authdata = tmp; > } > >- for (i = 0; in_authdata[i] != NULL; i++) { >+ for (i = 0, j = 0; in_authdata[i] != NULL; i++) { > if (ignore_kdc_issued && > is_kdc_issued_authdatum(context, in_authdata[i], 0)) { > free(in_authdata[i]->contents); > free(in_authdata[i]); > } else >- authdata[nadata + i] = in_authdata[i]; >+ authdata[nadata + j++] = in_authdata[i]; > } > >- authdata[nadata + i] = NULL; >+ authdata[nadata + j] = NULL; > > free(in_authdata); >
You cannot view the attachment while viewing its details because your browser does not support IFRAMEs.
View the attachment on a separate page
.
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 339866
: 249737 |
249739