svn commit: r299619 - stable/10/sys/rpc/rpcsec_gss
Garrett Cooper
ngie at FreeBSD.org
Fri May 13 08:30:27 UTC 2016
Author: ngie
Date: Fri May 13 08:30:26 2016
New Revision: 299619
URL: https://svnweb.freebsd.org/changeset/base/299619
Log:
MFC r298336:
r298336 (by cem):
kgssapi(4): Fix string overrun in Kerberos principal construction
'buf.value' was previously treated as a nul-terminated string, but only
allocated with strlen() space. Rectify this.
CID: 1007639
Modified:
stable/10/sys/rpc/rpcsec_gss/svc_rpcsec_gss.c
Directory Properties:
stable/10/ (props changed)
Modified: stable/10/sys/rpc/rpcsec_gss/svc_rpcsec_gss.c
==============================================================================
--- stable/10/sys/rpc/rpcsec_gss/svc_rpcsec_gss.c Fri May 13 08:25:17 2016 (r299618)
+++ stable/10/sys/rpc/rpcsec_gss/svc_rpcsec_gss.c Fri May 13 08:30:26 2016 (r299619)
@@ -331,7 +331,7 @@ rpc_gss_get_principal_name(rpc_gss_princ
* Construct a gss_buffer containing the full name formatted
* as "name/node at domain" where node and domain are optional.
*/
- namelen = strlen(name);
+ namelen = strlen(name) + 1;
if (node) {
namelen += strlen(node) + 1;
}
More information about the svn-src-stable-10
mailing list