~ubuntu-branches/ubuntu/natty/krb5/natty-updates

Viewing changes to src/plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c

  • Committer: Bazaar Package Importer
  • Author(s): Steve Beattie
  • Date: 2011-10-10 15:23:12 UTC
  • Revision ID: james.westby@ubuntu.com-20111010152312-lz6ww58zhata89s1
Tags: 1.8.3+dfsg-5ubuntu2.2
* SECURITY UPDATE: fix multiple kdc DoS issues:
  - db2/lockout.c, ldap/libkdb_ldap/ldap_principal2.c,
    ldap/libkdb_ldap/lockout.c:
    + more strict checking for null pointers
    + disable assert and return when db is locked
    + applied inline
  - CVE-2011-1528 and CVE-2011-1529
  - MITKRB5-SA-2011-006

131
131
    CHECK_LDAP_HANDLE(ldap_context);
132
132
 
133
133
    if (is_principal_in_realm(ldap_context, searchfor) != 0) {
 
134
        st = KRB5_KDB_NOENTRY;
134
135
        *more = 0;
135
136
        krb5_set_error_message (context, st, "Principal does not belong to realm");
136
137
        goto cleanup;
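
Review bot: The added `st = KRB5_KDB_NOENTRY;` in the `is_principal_in_realm(ldap_context, searchfor) != 0` branch needs a short comment explaining why the status must be assigned here. Without that line this branch passes `st` to `krb5_set_error_message` and jumps to `cleanup` without setting it, so both the error message and the status seen by the caller depend on whatever value `st` held on entry to the branch. A one-line note such as "caller must see NOENTRY, not success, when the principal is outside the realm" would keep a later cleanup from dropping the assignment. Also, the branch zeroes `*more`, but the visible lines do not show the returned entry count being reset on this path. Please confirm it is initialised before this point, so that a caller handling `KRB5_KDB_NOENTRY` never reads a stale count.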