mirror of
https://github.com/freebsd/freebsd-src
synced 2024-07-23 19:28:36 +00:00
9286d46a79
Apply upstream 22749e918 to fix a buffer overflow.
Upstream notes:
If len_len is equal to total_len - 1 (i.e. the input consists only of a
0x60 byte and a length), the expression 'total_len - 1 - len_len - 1',
used as the 'len' parameter to der_get_length(), will overflow to
SIZE_MAX. Then der_get_length() will proceed to read, unconstrained,
whatever data follows in memory. Add a check to ensure that doesn't
happen
This is similar to samba CVE-2022-3437.
Reported by: emaste
Security: CVE-2022-41916
Obtained from: upstream 22749e918
MFC after: 1 week
|
||
|---|---|---|
| .. | ||
| admin | ||
| appl | ||
| base | ||
| doc | ||
| etc | ||
| include | ||
| kadmin | ||
| kcm | ||
| kdc | ||
| kpasswd | ||
| kuser | ||
| lib | ||
| tools | ||
| acinclude.m4 | ||
| aclocal.m4 | ||
| autogen.sh | ||
| ChangeLog | ||
| ChangeLog.1998 | ||
| ChangeLog.1999 | ||
| ChangeLog.2000 | ||
| ChangeLog.2001 | ||
| ChangeLog.2002 | ||
| ChangeLog.2003 | ||
| ChangeLog.2004 | ||
| ChangeLog.2005 | ||
| ChangeLog.2006 | ||
| compile | ||
| config.guess | ||
| config.sub | ||
| configure | ||
| FREEBSD-Xlist | ||
| install-sh | ||
| krb5.conf | ||
| LICENSE | ||
| ltmain.sh | ||
| Makefile.am | ||
| Makefile.am.common | ||
| Makefile.in | ||
| missing | ||
| NEWS | ||
| README | ||
Heimdal is a Kerberos 5 implementation. For information how to install see <http://www.h5l.org/compile.html>. There are briefer man pages for most of the commands. Bug reports and bugs are appreciated, see more under Bug reports in the manual on how we prefer them: <heimdal-bugs@h5l.org>. For more information see the web-page at <http://www.h5l.org/> or the mailing lists: heimdal-announce@sics.se low-volume announcement heimdal-discuss@sics.se high-volume discussion send a mail to heimdal-announce-request@sics.se and heimdal-discuss-request@sics.se respectively to subscribe.