| commit | 434f461e9e5a914d4e5a9141324f1705e5e50cf9 | |
| author | Joseph Sutton <josephsutton@catalyst.net.nz> | |
| Fri, 14 Oct 2022 03:45:37 +0000 (14 16:45 +1300) | ||
| committer | Jule Anger <janger@samba.org> | |
| Tue, 15 Nov 2022 17:02:52 +0000 (15 17:02 +0000) | ||
| tree | 64422584a783e47958e2aee8e1c263df6060709d | treesnapshot (tar.gz zip) |
| parent | 15696da01515692b5a3ce647e3049229e5b82393 | commitdiff |
CVE-2022-42898 third_party/heimdal: PAC parse integer overflows
Catch overflows that result from adding PAC_INFO_BUFFER_SIZE.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15203
Heavily edited by committer Nico Williams <nico@twosigma.com>, original by
Joseph Sutton <josephsutton@catalyst.net.nz>.
Signed-off-by: Nico Williams <nico@twosigma.com>
[jsutton@samba.org Zero-initialised header_size in krb5_pac_parse() to
avoid a maybe-uninitialized error; added a missing check for ret == 0]
Autobuild-User(master): Jule Anger <janger@samba.org>
Autobuild-Date(master): Tue Nov 15 17:02:52 UTC 2022 on sn-devel-184
Catch overflows that result from adding PAC_INFO_BUFFER_SIZE.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15203
Heavily edited by committer Nico Williams <nico@twosigma.com>, original by
Joseph Sutton <josephsutton@catalyst.net.nz>.
Signed-off-by: Nico Williams <nico@twosigma.com>
[jsutton@samba.org Zero-initialised header_size in krb5_pac_parse() to
avoid a maybe-uninitialized error; added a missing check for ret == 0]
Autobuild-User(master): Jule Anger <janger@samba.org>
Autobuild-Date(master): Tue Nov 15 17:02:52 UTC 2022 on sn-devel-184
| third_party/heimdal/lib/krb5/pac.c | diffblobblamehistory | |
| third_party/heimdal/lib/krb5/test_pac.c | diffblobblamehistory |