Sophie: krb5-1.3-6.6.100mdk src

krb5-1.3-6.6.100mdk.src.rpm

Info
Deps
Files
Scripts
ChangeLog
Location
Others versions
Analyse

An attempt to free v5tkt further down will corrupt the heap if we don't reset
the enc_part2 pointer when we free it ourselves.  Apparently introduced as part
of the fix for MITKRB5-SA-2003-004.

--- krb5-1.2.7/src/krb524/krb524d.c	2003-03-31 21:35:03.000000000 -0500
+++ krb5-1.2.7/src/krb524/krb524d.c	2003-03-31 21:35:46.000000000 -0500
@@ -535,8 +535,10 @@
 	  printf("v4 credentials encoded\n");
 
  error:
-     if (v5tkt->enc_part2)
+     if (v5tkt->enc_part2) {
 	 krb5_free_enc_tkt_part(context, v5tkt->enc_part2);
+	 v5tkt->enc_part2 = NULL;
+     }
 
      if(v5_service_key.contents)
        krb5_free_keyblock_contents(context, &v5_service_key);