krb5: Fix reachable assert when importing krb5 names
If a name token contains trailing garbage, error out from krb5_gss_import_name() instead of crashing the process with an assertion failure. Commit message details obtained from upstream commit. Obtained from: upstream commit 07818f1fd Reported by: Aisle Research (Ze Sheng, Dmitrijs Trizna, Luigino Camastra, Guido Vranken) to krb5-bugs MFC after: 3 days
This commit is contained in:
@@ -297,7 +297,8 @@ import_name(OM_uint32 *minor_status, gss_buffer_t input_name_buffer,
|
||||
goto fail_name;
|
||||
cp += length;
|
||||
}
|
||||
assert(cp == end);
|
||||
if (cp != end)
|
||||
goto fail_name;
|
||||
} else {
|
||||
status = GSS_S_BAD_NAMETYPE;
|
||||
goto cleanup;
|
||||
|
||||
Reference in New Issue
Block a user