[Heimdal-source-changes] [heimdal/heimdal] 23ee80: lib/krb5: krb5_config_parse_file_multi use after f...
GitHub
noreply at github.com
Sat Mars 18 20:22:35 CET 2017
Branch: refs/heads/master
Home: https://github.com/heimdal/heimdal
Commit: 23ee804e9d23ed83a3a502501dbe5fe50ab9094a
https://github.com/heimdal/heimdal/commit/23ee804e9d23ed83a3a502501dbe5fe50ab9094a
Author: Jeffrey Altman <jaltman at secure-endpoints.com>
Date: 2017-03-18 (Sat, 18 Mar 2017)
Changed paths:
M lib/krb5/config_file.c
Log Message:
-----------
lib/krb5: krb5_config_parse_file_multi use after free
If the file is not a regular file, the 'fname' buffer will be freed
before it is passed to the krb5_set_error_message() routine. That
this is true is not obvious from code inspection but 'newfname'
and 'fname' refer to the same memory.
Change-Id: I7780eae9ceaf01b245df488a2f7d7f406770864f
More information about the Heimdal-source-changes
mailing list