From cc39dd6cddbaaec0244b197ea37513dae2fd14a1 Mon Sep 17 00:00:00 2001
From: Cy Schubert <cy@FreeBSD.org>
Date: Wed, 1 Sep 2004 19:55:26 +0000
Subject: Fix MIT krb5 Security Advisory 2004-002: double-free vulnerabilities
 in KDC and libraries

Heads-up by:	nectar
---
 security/krb5/files/patch-lib::krb5::krb::send_tgs.c | 20 ++++++++++++++++++++
 1 file changed, 20 insertions(+)
 create mode 100644 security/krb5/files/patch-lib::krb5::krb::send_tgs.c

(limited to 'security/krb5/files/patch-lib::krb5::krb::send_tgs.c')

diff --git a/security/krb5/files/patch-lib::krb5::krb::send_tgs.c b/security/krb5/files/patch-lib::krb5::krb::send_tgs.c
new file mode 100644
index 000000000000..07b494ffd93e
--- /dev/null
+++ b/security/krb5/files/patch-lib::krb5::krb::send_tgs.c
@@ -0,0 +1,20 @@
+--- lib/krb5/krb/send_tgs.c.orig	Thu May 13 12:27:59 2004
++++ lib/krb5/krb/send_tgs.c	Wed Sep  1 11:46:52 2004
+@@ -269,6 +269,8 @@
+ 	    if (!tcp_only) {
+ 		krb5_error *err_reply;
+ 		retval = decode_krb5_error(&rep->response, &err_reply);
++		if (retval)
++		    goto send_tgs_error_3;
+ 		if (err_reply->error == KRB_ERR_RESPONSE_TOO_BIG) {
+ 		    tcp_only = 1;
+ 		    krb5_free_error(context, err_reply);
+@@ -277,6 +279,8 @@
+ 		    goto send_again;
+ 		}
+ 		krb5_free_error(context, err_reply);
++	    send_tgs_error_3:
++		;
+ 	    }
+ 	    rep->message_type = KRB5_ERROR;
+ 	} else if (krb5_is_tgs_rep(&rep->response))
-- 
cgit v1.2.3