| 1 |
eras 10/11/05 21:13:42 |
| 2 |
|
| 3 |
Added: CVE-2010-1322.patch |
| 4 |
Log: |
| 5 |
Security bump - bug #339866 |
| 6 |
|
| 7 |
(Portage version: 2.1.9.24/cvs/Linux x86_64) |
| 8 |
|
| 9 |
Revision Changes Path |
| 10 |
1.1 app-crypt/mit-krb5/files/CVE-2010-1322.patch |
| 11 |
|
| 12 |
file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/app-crypt/mit-krb5/files/CVE-2010-1322.patch?rev=1.1&view=markup |
| 13 |
plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/app-crypt/mit-krb5/files/CVE-2010-1322.patch?rev=1.1&content-type=text/plain |
| 14 |
|
| 15 |
Index: CVE-2010-1322.patch |
| 16 |
=================================================================== |
| 17 |
diff --git a/src/kdc/kdc_authdata.c b/src/kdc/kdc_authdata.c |
| 18 |
index b5de64d..cc44e29 100644 |
| 19 |
--- a/src/kdc/kdc_authdata.c |
| 20 |
+++ b/src/kdc/kdc_authdata.c |
| 21 |
@@ -495,7 +495,7 @@ merge_authdata (krb5_context context, |
| 22 |
krb5_boolean copy, |
| 23 |
krb5_boolean ignore_kdc_issued) |
| 24 |
{ |
| 25 |
- size_t i, nadata = 0; |
| 26 |
+ size_t i, j, nadata = 0; |
| 27 |
krb5_authdata **authdata = *out_authdata; |
| 28 |
|
| 29 |
if (in_authdata == NULL || in_authdata[0] == NULL) |
| 30 |
@@ -529,16 +529,16 @@ merge_authdata (krb5_context context, |
| 31 |
in_authdata = tmp; |
| 32 |
} |
| 33 |
|
| 34 |
- for (i = 0; in_authdata[i] != NULL; i++) { |
| 35 |
+ for (i = 0, j = 0; in_authdata[i] != NULL; i++) { |
| 36 |
if (ignore_kdc_issued && |
| 37 |
is_kdc_issued_authdatum(context, in_authdata[i], 0)) { |
| 38 |
free(in_authdata[i]->contents); |
| 39 |
free(in_authdata[i]); |
| 40 |
} else |
| 41 |
- authdata[nadata + i] = in_authdata[i]; |
| 42 |
+ authdata[nadata + j++] = in_authdata[i]; |
| 43 |
} |
| 44 |
|
| 45 |
- authdata[nadata + i] = NULL; |
| 46 |
+ authdata[nadata + j] = NULL; |
| 47 |
|
| 48 |
free(in_authdata); |
Archives