diff options
author | Jacques Vidrine <nectar@FreeBSD.org> | 2004-05-05 20:17:51 +0000 |
---|---|---|
committer | Jacques Vidrine <nectar@FreeBSD.org> | 2004-05-05 20:17:51 +0000 |
commit | 0b258eda53710c234c0a51f3005f15a52461fbe0 (patch) | |
tree | a9970aa22d5dd283a788e2015246950bec517455 | |
parent | 262fd10c45f38b627e90981fa51d19598a7fde76 (diff) | |
download | src-0b258eda53710c234c0a51f3005f15a52461fbe0.tar.gz src-0b258eda53710c234c0a51f3005f15a52461fbe0.zip |
Correct a heap buffer overflow in k5admind(8) when built with Kerberos
IV support.
Obtained from: Heimdal CVS
Approved by: so
Notes
Notes:
svn path=/releng/4.8/; revision=128982
-rw-r--r-- | UPDATING | 3 | ||||
-rw-r--r-- | crypto/heimdal/kadmin/version4.c | 2 | ||||
-rw-r--r-- | sys/conf/newvers.sh | 2 |
3 files changed, 6 insertions, 1 deletions
@@ -17,6 +17,9 @@ minimal number of processes, if possible, for that patch. For those updates that don't have an advisory, or to be safe, you can do a full build and install as described in the COMMON ITEMS section. +20040505: p20 FreeBSD-SA-04:09.kadmind + Correct a heap buffer overflow in k5admind's Kerberos IV support. + 20040505: p19 FreeBSD-SA-04:08.heimdal Correctly validate the transited field in Kerberos tickets. diff --git a/crypto/heimdal/kadmin/version4.c b/crypto/heimdal/kadmin/version4.c index 466ec3a4f852..a61ef314d01f 100644 --- a/crypto/heimdal/kadmin/version4.c +++ b/crypto/heimdal/kadmin/version4.c @@ -964,6 +964,8 @@ handle_v4(krb5_context context, if(term_flag) exit(0); if(first) { + if (len < 2) + krb5_errx(context, 1, "received too short len (%d < 2)", len); /* first time around, we have already read len, and two bytes of the version string */ krb5_data_alloc(&message, len); diff --git a/sys/conf/newvers.sh b/sys/conf/newvers.sh index 5c3e21825b07..06c6d97a2923 100644 --- a/sys/conf/newvers.sh +++ b/sys/conf/newvers.sh @@ -36,7 +36,7 @@ TYPE="FreeBSD" REVISION="4.8" -BRANCH="RELEASE-p19" +BRANCH="RELEASE-p20" RELEASE="${REVISION}-${BRANCH}" VERSION="${TYPE} ${RELEASE}" |