File: mod_auth_kerb-krb5_kt_close.patch

package info (click to toggle)
libapache-mod-auth-kerb 5.4-2.4
  • links: PTS
  • area: main
  • in suites: bullseye, sid
  • size: 636 kB
  • sloc: ansic: 3,236; makefile: 92; sh: 4
file content (20 lines) | stat: -rw-r--r-- 1,018 bytes parent folder | download | duplicates (2)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
Description: fix use after free in authenticate_user_krb5pwd()
Origin: https://sourceforge.net/p/modauthkerb/bugs/61/attachment/mod_auth_kerb-krb5_kt_close.patch
Bug: https://sourceforge.net/p/modauthkerb/bugs/61/
Bug-Debian: https://bugs.debian.org/934043
Author: Johan Ymerson (https://sourceforge.net/u/ymerson/)
diff -ruN mod_auth_kerb-5.4.orig/src/mod_auth_kerb.c mod_auth_kerb-5.4/src/mod_auth_kerb.c
--- mod_auth_kerb-5.4.orig/src/mod_auth_kerb.c	2018-12-12 16:59:43.762013269 +0100
+++ mod_auth_kerb-5.4/src/mod_auth_kerb.c	2018-12-12 16:59:59.151945123 +0100
@@ -799,11 +799,9 @@
 	            "failed to verify krb5 credentials: %s",
 		          krb5_get_err_text(context, ret));
          krb5_kt_end_seq_get(context, keytab, &cursor);
-         krb5_kt_close(context, keytab);
          goto end;
        }
        krb5_kt_end_seq_get(context, keytab, &cursor);
-       krb5_kt_close(context, keytab);
      }
      else {
        if ((ret = verify_krb5_init_creds(r, context, &creds, server, keytab))) {