[
https://issues.apache.org/jira/browse/DIRKRB-583?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15327379#comment-15327379
]
Emmanuel Lecharny commented on DIRKRB-583:
------------------------------------------
Fixed in ApacheDS kerberos code :
http://svn.apache.org/viewvc?rev=1748146&view=rev
The data read from teh file are checked against any size that might be <0 or >
of the file size.
> Validate payload length declared in keytab
> ------------------------------------------
>
> Key: DIRKRB-583
> URL: https://issues.apache.org/jira/browse/DIRKRB-583
> Project: Directory Kerberos
> Issue Type: Bug
> Reporter: Kai Zheng
> Assignee: Kai Zheng
> Fix For: 1.0.0-GA
>
> Attachments: DIRKRB-583-v1.patch
>
>
> Reported and suggested by [[email protected]], in Kerby it needs to validate
> the declared payload length against the real input stream.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
