mirror of
https://github.com/samba-team/samba.git
synced 2024-12-23 17:34:34 +03:00
s3:gse_krb5: fix a possible crash in fill_mem_keytab_from_system_keytab()
If the keytab file isn't readable, we may call krb5_kt_end_seq_get() with an invalid kt_cursor. BUG: https://bugzilla.samba.org/show_bug.cgi?id=10490 Pair-Programmed-With: Stefan Metzmacher <metze@samba.org> Signed-off-by: Michael Saxl <mike@mwsys.mine.bz> Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
This commit is contained in:
parent
a075b7f8dd
commit
a9780a2eaa
@ -437,6 +437,14 @@ static krb5_error_code fill_mem_keytab_from_system_keytab(krb5_context krbctx,
|
||||
if (ret) {
|
||||
DEBUG(1, (__location__ ": krb5_kt_start_seq_get failed (%s)\n",
|
||||
error_message(ret)));
|
||||
/*
|
||||
* krb5_kt_start_seq_get() may leaves bogus data
|
||||
* in kt_cursor. And we want to use the all_zero()
|
||||
* logic below.
|
||||
*
|
||||
* See bug #10490
|
||||
*/
|
||||
ZERO_STRUCT(kt_cursor);
|
||||
goto out;
|
||||
}
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user