index | | raw e-mail
commit 27691b8b9303c6fec89a6dcb9c56f8c8f0f5e69c
Author: Cy Schubert <cy@FreeBSD.org>
AuthorDate: 2026-06-02 18:09:43 +0000
Commit: Cy Schubert <cy@FreeBSD.org>
CommitDate: 2026-06-15 13:11:49 +0000
krb5: Fix reachable assert when importing krb5 names
If a name token contains trailing garbage, error out from
krb5_gss_import_name() instead of crashing the process with an
assertion failure.
Commit message details obtained from upstream commit.
Obtained from: upstream commit 07818f1fd
Reported by: Aisle Research (Ze Sheng, Dmitrijs Trizna,
Luigino Camastra, Guido Vranken) to krb5-bugs
MFC after: 3 days
(cherry picked from commit fce16f60de9718be6b789f00e86141a84cd920d3)
---
crypto/krb5/src/lib/gssapi/krb5/import_name.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/crypto/krb5/src/lib/gssapi/krb5/import_name.c b/crypto/krb5/src/lib/gssapi/krb5/import_name.c
index a067d0742331..b4c29b442511 100644
--- a/crypto/krb5/src/lib/gssapi/krb5/import_name.c
+++ b/crypto/krb5/src/lib/gssapi/krb5/import_name.c
@@ -297,7 +297,8 @@ import_name(OM_uint32 *minor_status, gss_buffer_t input_name_buffer,
goto fail_name;
cp += length;
}
- assert(cp == end);
+ if (cp != end)
+ goto fail_name;
} else {
status = GSS_S_BAD_NAMETYPE;
goto cleanup;
home |
help