$NetBSD: patch-CVE-2014-4344,v 1.1 2014/08/28 22:23:05 tez Exp $
fix for CVE-2014-4344 from:
https://github.com/krb5/krb5/commit/a7886f0ed1277c69142b14a2c6629175a6331edc
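--- a/lib/gssapi/spnego/spnego_mech.c
+++ b/lib/gssapi/spnego/spnego_mech.c
@@ -1442,7 +1442,7 @@ acc_ctx_cont(OM_uint32 *minstat,
 
 ptr = bufstart = buf->value;
 #define REMAIN (buf->length - (ptr - bufstart))
- if (REMAIN > INT_MAX)
+ if (REMAIN == 0 || REMAIN > INT_MAX)
 return GSS_S_DEFECTIVE_TOKEN;
 
 /*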
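Review bot: The new `REMAIN == 0` test in acc_ctx_cont carries no comment saying what it protects, and the code it protects is not visible in the hunk. Judging by the CVE reference in the patch header, it presumably guards the first read through `ptr` after this check, where a zero-length continuation token could leave `buf->value` NULL; that is inferred, because the function body continues past the trailing `/*`. I would add above the condition `/* Reject an empty token: the code below reads *ptr, and buf->value may be NULL when buf->length is 0. */`. A regression test that hands the acceptor a zero-length continuation token and expects GSS_S_DEFECTIVE_TOKEN would keep the check from being dropped in a later refactor.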