Skip to content

Commit

Permalink
kpasswd: check krb5_unparse_name return
Browse files Browse the repository at this point in the history 
In verify() if krb5_unparse_name() fails 'sname' will be used
unitialized in the subsequent krb5_warnx() and free() calls.

Change-Id: I5a49bf06879eb5a77cf2d1d3f0d4b9c6549aeff8
  • Loading branch information
@jaltman
jaltman committed Apr 17, 2016
1 parent 4ad2f58 commit 87d56ef
Showing 1 changed file with 4 additions and 2 deletions.
6 changes: 4 additions & 2 deletions kpasswd/kpasswdd.c
View file
Expand Up @@ -530,8 +530,10 @@ verify (krb5_auth_context *auth_context,
if (!same) {
char *sname;

krb5_unparse_name(context, (*ticket)->server, &sname);
krb5_warnx(context, "Invalid kpasswd service principal %s", sname);
if (krb5_unparse_name(context, (*ticket)->server, &sname) != 0)
sname = NULL;
krb5_warnx(context, "Invalid kpasswd service principal %s",
sname ? sname : "<enomem>");
free(sname);
reply_error(NULL, s, sa, sa_size, ret, 1, "Bad request");
goto out;
Expand Down

0 comments on commit 87d56ef

Please sign in to comment.