Author: ngie Date: Fri May 13 08:34:53 2016 New Revision: 299620 URL: https://svnweb.freebsd.org/changeset/base/299620
Log: MFstable/10 r299619: MFC r298336: r298336 (by cem): kgssapi(4): Fix string overrun in Kerberos principal construction 'buf.value' was previously treated as a nul-terminated string, but only allocated with strlen() space. Rectify this. CID: 1007639 Modified: stable/9/sys/rpc/rpcsec_gss/svc_rpcsec_gss.c Directory Properties: stable/9/ (props changed) stable/9/sys/ (props changed) Modified: stable/9/sys/rpc/rpcsec_gss/svc_rpcsec_gss.c ============================================================================== --- stable/9/sys/rpc/rpcsec_gss/svc_rpcsec_gss.c Fri May 13 08:30:26 2016 (r299619) +++ stable/9/sys/rpc/rpcsec_gss/svc_rpcsec_gss.c Fri May 13 08:34:53 2016 (r299620) @@ -334,7 +334,7 @@ rpc_gss_get_principal_name(rpc_gss_princ * Construct a gss_buffer containing the full name formatted * as "name/node@domain" where node and domain are optional. */ - namelen = strlen(name); + namelen = strlen(name) + 1; if (node) { namelen += strlen(node) + 1; } _______________________________________________ svn-src-stable-9@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-stable-9 To unsubscribe, send any mail to "svn-src-stable-9-unsubscr...@freebsd.org"