diff options
author | Cy Schubert <cy@FreeBSD.org> | 2003-03-21 00:54:06 +0000 |
---|---|---|
committer | Cy Schubert <cy@FreeBSD.org> | 2003-03-21 00:54:06 +0000 |
commit | af7a454fd3da00363fde4728708eb83d5e734230 (patch) | |
tree | 8dc748b7f3a65ad37e15622ed189237948b2c5db /security/krb5-16/files/patch-lib::krb5::krb::gc_frm_kdc.c | |
parent | 9945021b5e86c3939516e949c36acaf41406e915 (diff) | |
download | ports-af7a454fd3da00363fde4728708eb83d5e734230.tar.gz ports-af7a454fd3da00363fde4728708eb83d5e734230.zip |
Patches from:
- MITKRB5-SA-2003-005:
Buffer overrun and underrun in principal name handling
- MITKRB5-SA-2003-004:
Cryptographic weaknesses in Kerberos v4 protocol; KDC and realm
compromise possible.
- MITKRB5-SA-2003-003:
Faulty length checks in xdrmem_getbytes may allow kadmind DoS.
- Additional patches from RedHat.
Approved by: kris (wearing his portmgr hat)
Obtained from: MIT Website and Nalin Dahyabhai <nalin@redhat.com>
Notes
Notes:
svn path=/head/; revision=77170
Diffstat (limited to 'security/krb5-16/files/patch-lib::krb5::krb::gc_frm_kdc.c')
-rw-r--r-- | security/krb5-16/files/patch-lib::krb5::krb::gc_frm_kdc.c | 14 |
1 files changed, 14 insertions, 0 deletions
diff --git a/security/krb5-16/files/patch-lib::krb5::krb::gc_frm_kdc.c b/security/krb5-16/files/patch-lib::krb5::krb::gc_frm_kdc.c new file mode 100644 index 000000000000..4ad0d8cc43c5 --- /dev/null +++ b/security/krb5-16/files/patch-lib::krb5::krb::gc_frm_kdc.c @@ -0,0 +1,14 @@ +diff -ur krb5-1.2.7/src/lib/krb5/krb/gc_frm_kdc.c krb5-1.2.7/src/lib/krb5/krb/gc_frm_kdc.c +--- lib/krb5/krb/gc_frm_kdc.c 1999-09-24 17:19:24.000000000 -0400 ++++ lib/krb5/krb/gc_frm_kdc.c 2003-02-03 17:35:40.000000000 -0500 +@@ -347,7 +347,9 @@ + for (next_server = top_server; *next_server; next_server++) { + krb5_data *realm_1 = krb5_princ_component(context, next_server[0], 1); + krb5_data *realm_2 = krb5_princ_component(context, tgtr->server, 1); +- if (realm_1->length == realm_2->length && ++ if (realm_1 != NULL && ++ realm_2 != NULL && ++ realm_1->length == realm_2->length && + !memcmp(realm_1->data, realm_2->data, realm_1->length)) { + break; + } |