From 0978af0fc44d1339304afcdf1ec8c7d737dc0736 Mon Sep 17 00:00:00 2001 From: cy Date: Sat, 16 Nov 2002 00:02:13 +0000 Subject: Update 1.2.6 --> 1.2.7 Note: Since crypto-publish.org does not yet have krb5-1.2.7 up on their website, fetch from their site has been temporarily disabled. --- .../files/patch-kadmin::v4server::kadm_ser_wrap.c | 26 ---------------------- 1 file changed, 26 deletions(-) delete mode 100644 security/krb5/files/patch-kadmin::v4server::kadm_ser_wrap.c (limited to 'security/krb5/files') diff --git a/security/krb5/files/patch-kadmin::v4server::kadm_ser_wrap.c b/security/krb5/files/patch-kadmin::v4server::kadm_ser_wrap.c deleted file mode 100644 index 2fa89e96690b..000000000000 --- a/security/krb5/files/patch-kadmin::v4server::kadm_ser_wrap.c +++ /dev/null @@ -1,26 +0,0 @@ ---- kadmin/v4server/kadm_ser_wrap.c.orig Tue May 23 14:44:50 2000 -+++ kadmin/v4server/kadm_ser_wrap.c Wed Oct 23 15:15:24 2002 -@@ -170,14 +170,21 @@ - u_char *retdat, *tmpdat; - int retval, retlen; - -- if (strncmp(KADM_VERSTR, (char *)*dat, KADM_VERSIZE)) { -+ if ((*dat_len < KADM_VERSIZE + sizeof(krb5_ui_4)) -+ || strncmp(KADM_VERSTR, (char *)*dat, KADM_VERSIZE)) { - errpkt(dat, dat_len, KADM_BAD_VER); - return KADM_BAD_VER; - } - in_len = KADM_VERSIZE; - /* get the length */ -- if ((retc = stv_long(*dat, &r_len, in_len, *dat_len)) < 0) -+ if ((retc = stv_long(*dat, &r_len, in_len, *dat_len)) < 0 -+ || (r_len > *dat_len - KADM_VERSIZE - sizeof(krb5_ui_4)) -+ || (*dat_len - r_len - KADM_VERSIZE - -+ sizeof(krb5_ui_4) > sizeof(authent.dat))) { -+ errpkt(dat, dat_len, KADM_LENGTH_ERROR); - return KADM_LENGTH_ERROR; -+ } -+ - in_len += retc; - authent.length = *dat_len - r_len - KADM_VERSIZE - sizeof(krb5_ui_4); - memcpy((char *)authent.dat, (char *)(*dat) + in_len, authent.length); -- cgit