From af7a454fd3da00363fde4728708eb83d5e734230 Mon Sep 17 00:00:00 2001 From: Cy Schubert Date: Fri, 21 Mar 2003 00:54:06 +0000 Subject: Patches from: - MITKRB5-SA-2003-005: Buffer overrun and underrun in principal name handling - MITKRB5-SA-2003-004: Cryptographic weaknesses in Kerberos v4 protocol; KDC and realm compromise possible. - MITKRB5-SA-2003-003: Faulty length checks in xdrmem_getbytes may allow kadmind DoS. - Additional patches from RedHat. Approved by: kris (wearing his portmgr hat) Obtained from: MIT Website and Nalin Dahyabhai --- security/krb5-16/files/patch-lib::krb5::krb::unparse.c | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) create mode 100644 security/krb5-16/files/patch-lib::krb5::krb::unparse.c (limited to 'security/krb5-16/files/patch-lib::krb5::krb::unparse.c') diff --git a/security/krb5-16/files/patch-lib::krb5::krb::unparse.c b/security/krb5-16/files/patch-lib::krb5::krb::unparse.c new file mode 100644 index 000000000000..690eb5febea2 --- /dev/null +++ b/security/krb5-16/files/patch-lib::krb5::krb::unparse.c @@ -0,0 +1,17 @@ +Index: lib/krb5/krb/unparse.c +=================================================================== +RCS file: /cvs/krbdev/krb5/src/lib/krb5/krb/unparse.c,v +retrieving revision 5.27.4.1 +diff -p -u -r5.27.4.1 unparse.c +--- lib/krb5/krb/unparse.c 2002/08/12 22:55:01 5.27.4.1 ++++ lib/krb5/krb/unparse.c 2003/03/19 00:39:02 +@@ -153,7 +153,8 @@ krb5_unparse_name_ext(context, principal + *q++ = COMPONENT_SEP; + } + +- q--; /* Back up last component separator */ ++ if (i > 0) ++ q--; /* Back up last component separator */ + *q++ = REALM_SEP; + + cp = krb5_princ_realm(context, principal)->data; -- cgit v1.2.3