Skip site navigation (1)Skip section navigation (2) 
Date:      Tue, 29 Nov 2022 23:18:15 GMT
From:      Gordon Tetlow <gordon@FreeBSD.org>
To:        src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org
Subject:   git: 4ff214b2f271 - releng/12.4 - heimdal: Fix: Too large time skew, client time 1970-01-01T01:00:00
Message-ID:  <202211292318.2ATNIFDm028648@gitrepo.freebsd.org>
next in thread | raw e-mail | index | archive | help 
The branch releng/12.4 has been updated by gordon:

URL: https://cgit.FreeBSD.org/src/commit/?id=4ff214b2f2719d001d6497c675b5a0e6776ece23

commit 4ff214b2f2719d001d6497c675b5a0e6776ece23
Author:     Cy Schubert <cy@FreeBSD.org>
AuthorDate: 2022-11-17 15:43:29 +0000
Commit:     Gordon Tetlow <gordon@FreeBSD.org>
CommitDate: 2022-11-29 23:17:39 +0000

    heimdal: Fix: Too large time skew, client time 1970-01-01T01:00:00
    
    Part of ed549cb0c53f zeroed out a data structure in the resulting code-file
    when a TUTCTime type was freed. This part of the patch applies to Heimdal
    7.1+ and not our Heimdal 1.5.2.
    
    PR:             267827
    Reported by:    Peter Much <pmc@citylink.dinoex.sub.org>
    Tested by:      Peter Much <pmc@citylink.dinoex.sub.org>
    Approved by:    so, re (implicit)
    Security:       FreeBSD-EN-22:28.heimdal
    Fixes:          ed549cb0c53f
    
    (cherry picked from commit f556a05c49261af3d373c599d05fa250f3563b59)
    (cherry picked from commit 5afe36c8b79547cda2bdd7297e5e2507a9135945)
---
 crypto/heimdal/lib/asn1/gen_free.c | 7 -------
 1 file changed, 7 deletions(-)

diff --git a/crypto/heimdal/lib/asn1/gen_free.c b/crypto/heimdal/lib/asn1/gen_free.c
index 74449fe6ca82..b9cae7533b17 100644
--- a/crypto/heimdal/lib/asn1/gen_free.c
+++ b/crypto/heimdal/lib/asn1/gen_free.c
@@ -61,13 +61,6 @@ free_type (const char *name, const Type *t, int preserve)
     case TNull:
     case TGeneralizedTime:
     case TUTCTime:
-        /*
-         * This doesn't do much, but it leaves zeros where garbage might
-         * otherwise have been found.  Gets us closer to having the equivalent
-         * of a memset()-to-zero data structure after calling the free
-         * functions.
-         */
-        fprintf(codefile, "*%s = 0;\n", name);
 	break;
     case TBitString:
 	if (ASN1_TAILQ_EMPTY(t->members))

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202211292318.2ATNIFDm028648>