Skip Menu |
 

From: ghudson@mit.edu
Subject: git commit

Fix minor utf8-to-ucs2s read overrun bug

k5_utf8s_to_ucs2s() reads and ignores one extra byte from the input
string before terminating its loop, possibly overrunning the input
buffer of its caller. This overrun is typically without consequence,
but can show up in tools like asan or valgrind during RC4
string-to-key operations. Fix the bug by swapping the order of the
loop conditions.

https://github.com/krb5/krb5/commit/eb52da21d72faa3d00b1205a5a0fdbabc45c9e6d
Author: Greg Hudson <ghudson@mit.edu>
Commit: eb52da21d72faa3d00b1205a5a0fdbabc45c9e6d
Branch: master
src/util/support/utf8_conv.c | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
From: tlyu@mit.edu
Subject: git commit

Fix minor utf8-to-ucs2s read overrun bug

k5_utf8s_to_ucs2s() reads and ignores one extra byte from the input
string before terminating its loop, possibly overrunning the input
buffer of its caller. This overrun is typically without consequence,
but can show up in tools like asan or valgrind during RC4
string-to-key operations. Fix the bug by swapping the order of the
loop conditions.

(cherry picked from commit eb52da21d72faa3d00b1205a5a0fdbabc45c9e6d)

https://github.com/krb5/krb5/commit/299476d5d8ff60e127139b37473954e4d0d2125f
Author: Greg Hudson <ghudson@mit.edu>
Committer: Tom Yu <tlyu@mit.edu>
Commit: 299476d5d8ff60e127139b37473954e4d0d2125f
Branch: krb5-1.14
src/util/support/utf8_conv.c | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)