Content-Type: text/plain
Content-Disposition: inline
Content-Transfer-Encoding: binary
MIME-Version: 1.0
X-Mailer: MIME-tools 5.427 (Entity 5.427)
From: tlyu@mit.edu
Subject: git commit
RT-Send-CC:
X-RT-Original-Encoding: iso-8859-1
Content-Length: 734


Properly handle PKCS11 label in PKINIT

The CK_TOKEN_INFO label field is defined to be zero-filled, but it may
not be zero-terminated if all bytes of the field are used.  Use only
length-counted operations to process it.  Also avoid underrunning the
buffer pointer if the label is empty or contains only whitespace.

(cherry picked from commit f8b42ef541a463f56720ec9358dd07716b04c5e2)

https://github.com/krb5/krb5/commit/acb07eae351434ca1058634270e5a9674ea064c5
Author: Greg Hudson <ghudson@mit.edu>
Committer: Tom Yu <tlyu@mit.edu>
Commit: acb07eae351434ca1058634270e5a9674ea064c5
Branch: krb5-1.12
 src/plugins/preauth/pkinit/pkinit_crypto_openssl.c |   28 ++++++++++++-------
 1 files changed, 18 insertions(+), 10 deletions(-)