Skip Menu |
 

History Show all quoted textShow full headers
# Tue Sep 21 16:39:22 2004 hartmans (Sam Hartman) - Ticket created
From: hartmans@mit.edu
Subject: CVS Commit
Download (untitled) / with headers
text/plain 370B
Derrick Schommer reports that arcfour's string_to_key function leaks
memory. This is true; it copies the password to convert to utf16 and
never frees the copy. It does memset the copy to 0 when done.


To generate a diff of this commit:



cvs diff -r1.21 -r1.22 krb5/src/lib/crypto/arcfour/ChangeLog
cvs diff -r1.6 -r1.7 krb5/src/lib/crypto/arcfour/string_to_key.c
# Tue Sep 21 16:39:24 2004 hartmans (Sam Hartman) - Status changed from 'new' to 'resolved'
# Tue Sep 21 16:39:24 2004 hartmans (Sam Hartman) - Requestor hartmans (Sam Hartman) added
# Tue Sep 21 16:39:25 2004 hartmans (Sam Hartman) - Requestor <schommer@gmail.com> added
# Tue Sep 21 17:03:53 2004 hartmans (Sam Hartman) - Version_reported 1.3 added
# Mon Nov 15 22:22:23 2004 tlyu (Taylor Yu) - Version_Fixed 1.4 added