[Bug 1066] off-by-one error with GSSAPI names
bugzilla-daemon at mindrot.org
bugzilla-daemon at mindrot.org
Sat Aug 27 01:16:50 EST 2005
http://bugzilla.mindrot.org/show_bug.cgi?id=1066
Summary: off-by-one error with GSSAPI names
Product: Portable OpenSSH
Version: 4.1p1
Platform: All
OS/Version: All
Status: NEW
Severity: normal
Priority: P2
Component: ssh
AssignedTo: bitbucket at mindrot.org
ReportedBy: dleonard at vintela.com
ssh_gssapi_import_name() passes a string through a GSSAPI buffer that is one
byte too long. This seems to occasionally cause problems, like spurious garbage
characters appearing at the end of realms.
------- Additional Comments From dleonard at vintela.com 2005-08-08 23:33 -------
Created an attachment (id=945)
--> (http://bugzilla.mindrot.org/attachment.cgi?id=945&action=view)
quick fix
Simple fix that decrements the buffer length after the snprintf.
A real fix would not be so hacky. :)
------- Additional Comments From djm at mindrot.org 2005-08-27 01:16 -------
Are you saying that gssbuf.value shouldn't be \0 terminated?
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
More information about the openssh-bugs
mailing list