Blame krb5-1.4.1-api.patch
|
|
80238a2 |
Reference docs don't define what happens if you call krb5_realm_compare() with
|
|
|
80238a2 |
malformed krb5_principal structures. Define a behavior which keeps it from
|
|
|
80238a2 |
crashing if applications don't check ahead of time.
|
|
|
80238a2 |
|
|
|
80238a2 |
--- krb5-1.4.1/src/lib/krb5/krb/princ_comp.c 2002-09-02 21:13:46.000000000 -0400
|
|
|
80238a2 |
+++ krb5-1.4.1/src/lib/krb5/krb/princ_comp.c 2005-06-29 13:56:55.000000000 -0400
|
|
|
80238a2 |
@@ -33,6 +33,13 @@
|
|
|
80238a2 |
krb5_boolean KRB5_CALLCONV
|
|
|
80238a2 |
krb5_realm_compare(krb5_context context, krb5_const_principal princ1, krb5_const_principal princ2)
|
|
|
80238a2 |
{
|
|
|
80238a2 |
+ if ((princ1 == NULL) || (princ2 == NULL))
|
|
|
80238a2 |
+ return FALSE;
|
|
|
80238a2 |
+
|
|
|
80238a2 |
+ if ((krb5_princ_realm(context, princ1) == NULL) ||
|
|
|
80238a2 |
+ (krb5_princ_realm(context, princ2) == NULL))
|
|
|
80238a2 |
+ return FALSE;
|
|
|
80238a2 |
+
|
|
|
80238a2 |
if (krb5_princ_realm(context, princ1)->length !=
|
|
|
80238a2 |
krb5_princ_realm(context, princ2)->length ||
|
|
|
80238a2 |
memcmp (krb5_princ_realm(context, princ1)->data,
|
|
|
80238a2 |
@@ -49,6 +56,9 @@
|
|
|
80238a2 |
register int i;
|
|
|
80238a2 |
krb5_int32 nelem;
|
|
|
80238a2 |
|
|
|
80238a2 |
+ if ((princ1 == NULL) || (princ2 == NULL))
|
|
|
80238a2 |
+ return FALSE;
|
|
|
80238a2 |
+
|
|
|
80238a2 |
nelem = krb5_princ_size(context, princ1);
|
|
|
80238a2 |
if (nelem != krb5_princ_size(context, princ2))
|
|
|
80238a2 |
return FALSE;
|