upstream/opnsense-src
1
0
Fork 0
mirror of https://github.com/opnsense/src.git synced 2026-05-28 04:12:45 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions

kgssapi(4): Fix string overrun in Kerberos principal construction

Browse source 
'buf.value' was previously treated as a nul-terminated string, but only
allocated with strlen() space.  Rectify this.

Reported by:	Coverity
CID:		1007639
Sponsored by:	EMC / Isilon Storage Division
This commit is contained in:
Conrad Meyer 2016-04-20 04:45:23 +00:00
parent 1a7dfcc5a3
commit e3081f7e3e
1 changed files with 1 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
sys/rpc/rpcsec_gss/svc_rpcsec_gss.c
View file

@ -331,7 +331,7 @@ rpc_gss_get_principal_name(rpc_gss_principal_t *principal,
* Construct a gss_buffer containing the full name formatted
* as "name/node@domain" where node and domain are optional.
*/
namelen = strlen(name);
namelen = strlen(name) + 1;
if (node) {
namelen += strlen(node) + 1;
}