]> eyrie.org Git - kerberos/heimdal-kadm5.git/commitdiff
projects / kerberos / heimdal-kadm5.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 2268b2a)
Guard against a NULL mod_name
authorRuss Allbery <eagle@eyrie.org>
Mon, 18 Dec 2017 03:55:48 +0000 (19:55 -0800)
committerRuss Allbery <eagle@eyrie.org>
Mon, 18 Dec 2017 03:55:48 +0000 (19:55 -0800)
* Guard against a NULL mod_name in getModName and return undef.  Thanks,
  Sergio Gelato.  (Closes: #670517)

debian/changelog patch | blob | history
debian/patches/guard-against-null-mod-name.patch [new file with mode: 0644] patch | blob
debian/patches/series patch | blob | history

diff --git a/debian/changelog b/debian/changelog
index 39e5803a8909fbdc0560f7849949ebd0627f5fbf..d38fcac2d6c97a847e31e32daf85d098290f51b9 100644 (file)
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,5 +1,7 @@
 libheimdal-kadm5-perl (0.08-5) UNRELEASED; urgency=medium
 
+  * Guard against a NULL mod_name in getModName and return undef.  Thanks,
+    Sergio Gelato.  (Closes: #670517)
   * Convert to a proper 3.0 (quilt) package with managed patches.
   * Contribute the package to the Debian Perl Group.
     - Change Maintainer to the group.
diff --git a/debian/patches/guard-against-null-mod-name.patch b/debian/patches/guard-against-null-mod-name.patch
new file mode 100644 (file)
index 0000000..15bf83e
--- /dev/null
+++ b/debian/patches/guard-against-null-mod-name.patch
@@ -0,0 +1,28 @@
+Description: Guard against NULL pointer dereference in krb5_unparse_name
+Author: Sergio Gelato <Sergio.Gelato@astro.su.se>
+
+--- a/Kadm5.xs
++++ b/Kadm5.xs
+@@ -737,14 +737,19 @@
+        char *p;
+        krb5_error_code ret;
+        
+-       ret = krb5_unparse_name(spp->handle->context,spp->principal.mod_name,&p);
+-       if (ret)
++       if (spp->principal.mod_name) 
++       {
++         ret = krb5_unparse_name(spp->handle->context,spp->principal.mod_name,&p);
++         if (ret)
+        {
+          safefree(p);
+          croak("[Heimdal::Kadm5] krb5_unparse_name failed: %s\n",
+                krb5_get_err_text(spp->handle->context, ret));
+        }
+-       RETVAL = newSVpv(p,0);
++       RETVAL = newSVpv(p,0);
++       }
++       else
++       RETVAL = &PL_sv_undef;
+      }
+      OUTPUT:
+      RETVAL
diff --git a/debian/patches/series b/debian/patches/series
index bbe36b7bcbf1fc60d034db2c349cfd71e3c3b65d..468baa853cdb8806b9f68c4c2869921e3a73262d 100644 (file)
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -1 +1,2 @@
 fix-library-calls.patch
+guard-against-null-mod-name.patch
Perl module for Heimdal kadmin API