Sophie

Sophie

distrib > Mandriva > mes5 > x86_64 > by-pkgid > 19626080a97ccf78468f2a8585a21a6a > files > 30

krb5-1.8.1-0.10mdvmes5.2.src.rpm


http://web.mit.edu/kerberos/advisories/2011-004-patch-r18.txt

diff -Naurp krb5-1.8.1/src/kadmin/server/network.c krb5-1.8.1.oden/src/kadmin/server/network.c
--- krb5-1.8.1/src/kadmin/server/network.c	2009-12-03 02:35:21.000000000 +0000
+++ krb5-1.8.1.oden/src/kadmin/server/network.c	2011-04-22 05:03:23.000000000 +0000
@@ -1384,6 +1384,10 @@ cleanup:
     if (local_kaddrs != NULL)
         krb5_free_addresses(server_handle->context, local_kaddrs);
 
+    if ((*response)->data == NULL) {
+        free(*response);
+        *response = NULL;
+    }
     krb5_kt_close(server_handle->context, kt);
 
     return ret;
diff -Naurp krb5-1.8.1/src/kadmin/server/schpw.c krb5-1.8.1.oden/src/kadmin/server/schpw.c
--- krb5-1.8.1/src/kadmin/server/schpw.c	2009-10-31 00:48:38.000000000 +0000
+++ krb5-1.8.1.oden/src/kadmin/server/schpw.c	2011-04-22 05:03:23.000000000 +0000
@@ -74,8 +74,13 @@ process_chpw_request(context, server_han
     plen = (*ptr++ & 0xff);
     plen = (plen<<8) | (*ptr++ & 0xff);
 
-    if (plen != req->length)
-        return(KRB5KRB_AP_ERR_MODIFIED);
+    if (plen != req->length) {
+        ret = KRB5KRB_AP_ERR_MODIFIED;
+        numresult = KRB5_KPASSWD_MALFORMED;
+        strlcpy(strresult, "Request length was inconsistent",
+                sizeof(strresult));
+        goto chpwfail;
+    }
 
     /* verify version number */

Perl :: Catalyst :: PostgreSQL :: RPM Valid HTML 4.01 Transitional