Diffstat (limited to 'security/mit-krb5/patches/patch-CVE-2014-4344')
-rw-r--r-- | security/mit-krb5/patches/patch-CVE-2014-4344 | 16 |
1 files changed, 16 insertions, 0 deletions
diff --git a/security/mit-krb5/patches/patch-CVE-2014-4344 b/security/mit-krb5/patches/patch-CVE-2014-4344
new file mode 100644
index 00000000000..a2066f88089
--- /dev/null
+++ b/security/mit-krb5/patches/patch-CVE-2014-4344
@@ -0,0 +1,16 @@
+$NetBSD: patch-CVE-2014-4344,v 1.1 2014/08/28 22:23:05 tez Exp $
+
+fix for CVE-2014-4344 from:
+https://github.com/krb5/krb5/commit/a7886f0ed1277c69142b14a2c6629175a6331edc
+
+--- lib/gssapi/spnego/spnego_mech.c
++++ lib/gssapi/spnego/spnego_mech.c
+@@ -1442,7 +1442,7 @@ acc_ctx_cont(OM_uint32 *minstat,
+
+ ptr = bufstart = buf->value;
+ #define REMAIN (buf->length - (ptr - bufstart))
+- if (REMAIN > INT_MAX)
++ if (REMAIN == 0 || REMAIN > INT_MAX)
+ return GSS_S_DEFECTIVE_TOKEN;
+
+ /* |
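Review bot: The header of the new patch file says only "fix for CVE-2014-4344" plus a commit URL, so a later maintainer cannot tell what the added `REMAIN == 0` test protects without following the link. Because `ptr` was just set to `bufstart`, `REMAIN` at that point is simply `buf->length`, so the new condition returns `GSS_S_DEFECTIVE_TOKEN` for a zero-length input token before the parsing that follows; that parsing is outside the hunk, so the exact failure it prevents is presumably a read through `ptr` on an empty buffer. I would add one line to the header, for example `Reject a zero-length SPNEGO continuation token in acc_ctx_cont() before it is parsed.` The guard tests the length only, and whether `buf->value` can be NULL with a non-zero length is not visible here, so it is worth confirming against the callers.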