Author: ngie
Date: Fri May 13 08:34:53 2016
New Revision: 299620
URL: https://svnweb.freebsd.org/changeset/base/299620

Log:
  MFstable/10 r299619:
  
  MFC r298336:
  r298336 (by cem):
  
  kgssapi(4): Fix string overrun in Kerberos principal construction
  
  'buf.value' was previously treated as a nul-terminated string, but only
  allocated with strlen() space.  Rectify this.
  
  CID:          1007639

Modified:
  stable/9/sys/rpc/rpcsec_gss/svc_rpcsec_gss.c
Directory Properties:
  stable/9/   (props changed)
  stable/9/sys/   (props changed)

Modified: stable/9/sys/rpc/rpcsec_gss/svc_rpcsec_gss.c
==============================================================================
--- stable/9/sys/rpc/rpcsec_gss/svc_rpcsec_gss.c        Fri May 13 08:30:26 
2016        (r299619)
+++ stable/9/sys/rpc/rpcsec_gss/svc_rpcsec_gss.c        Fri May 13 08:34:53 
2016        (r299620)
@@ -334,7 +334,7 @@ rpc_gss_get_principal_name(rpc_gss_princ
         * Construct a gss_buffer containing the full name formatted
         * as "name/node@domain" where node and domain are optional.
         */
-       namelen = strlen(name);
+       namelen = strlen(name) + 1;
        if (node) {
                namelen += strlen(node) + 1;
        }
_______________________________________________
svn-src-stable-9@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-stable-9
To unsubscribe, send any mail to "svn-src-stable-9-unsubscr...@freebsd.org"

Reply via email to