The branch main has been updated by cy: URL: https://cgit.FreeBSD.org/src/commit/?id=3deefb0d147d71047a13ec2328b1b721da2ce256
commit 3deefb0d147d71047a13ec2328b1b721da2ce256 Author: Cy Schubert <[email protected]> AuthorDate: 2022-12-08 23:22:43 +0000 Commit: Cy Schubert <[email protected]> CommitDate: 2022-12-09 14:09:54 +0000 heimdal: Properly ix bus fault when zero-length request received Zero length client requests result in a bus fault when attempting to free malloc()ed pointers within the requests softc. Return an error when the request is zero length. This properly fixes PR/268062 without regressions. PR: 268062 Reported by: Robert Morris <[email protected]> MFC after: 3 days --- crypto/heimdal/kadmin/server.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/crypto/heimdal/kadmin/server.c b/crypto/heimdal/kadmin/server.c index 19dfd89d521a..5e01277fe45b 100644 --- a/crypto/heimdal/kadmin/server.c +++ b/crypto/heimdal/kadmin/server.c @@ -473,6 +473,8 @@ v5_loop (krb5_context contextp, ret = krb5_read_priv_message(contextp, ac, &fd, &in); if(ret == HEIM_ERR_EOF) exit(0); + if (in.length == 0) + ret = HEIM_ERR_OPNOTSUPP; if(ret) krb5_err(contextp, 1, ret, "krb5_read_priv_message"); doing_useful_work = 1;
