Content-Type: text/plain
Content-Disposition: inline
Content-Transfer-Encoding: binary
MIME-Version: 1.0
X-Mailer: MIME-tools 5.427 (Entity 5.427)
From: tlyu@mit.edu
Subject: git commit
RT-Send-CC:
X-RT-Original-Encoding: iso-8859-1
Content-Length: 818


Improve checking of decoded DB2 principal values

In krb5_decode_princ_entry(), verify the length of the principal name
before calling krb5_parse_name() or strlen(), to avoid a possible
buffer read overrun.  Check all length fields for negative values.
Avoid performing arithmetic as part of bounds checks.  If the value of
key_data_ver is unexpected, return KRB5_KDB_BAD_VERSION instead of
aborting.

(cherry picked from commit e3d9f03a658e247dbb43cb345aa93a28782fd995)

https://github.com/krb5/krb5/commit/da19877809618425c7232544c4910d2d865385c2
Author: Greg Hudson <ghudson@mit.edu>
Committer: Tom Yu <tlyu@mit.edu>
Commit: da19877809618425c7232544c4910d2d865385c2
Branch: krb5-1.13
 src/plugins/kdb/db2/kdb_xdr.c |   39 +++++++++++++++++++++++++--------------
 1 files changed, 25 insertions(+), 14 deletions(-)