The Samba-Bugzilla – Attachment 17658 Details for
Bug 15203
CVE-2022-42898 [SECURITY] krb5_pac_parse() buffer parsing vulnerability
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
32-bit regression fix for 4.16
bfixes-tmp416.txt (text/plain), 1.02 KB, created by
Stefan Metzmacher
on 2022-11-16 14:53:19 UTC
(
hide
)
Description:
32-bit regression fix for 4.16
Filename:
MIME Type:
Creator:
Stefan Metzmacher
Created:
2022-11-16 14:53:19 UTC
Size:
1.02 KB
patch
obsolete
>From d244b15b7cc77fd8b5eb08f6c8097e616ade65a0 Mon Sep 17 00:00:00 2001 >From: Stefan Metzmacher <metze@samba.org> >Date: Wed, 16 Nov 2022 12:08:45 +0100 >Subject: [PATCH] CVE-2022-42898: HEIMDAL: lib/krb5: fix _krb5_get_int64 on > systems where 'unsigned long' is just 32-bit > >BUG: https://bugzilla.samba.org/show_bug.cgi?id=15203 > >Signed-off-by: Stefan Metzmacher <metze@samba.org> >Reviewed-by: Ralph Boehme <slow@samba.org> >--- > third_party/heimdal/lib/krb5/store-int.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > >diff --git a/third_party/heimdal/lib/krb5/store-int.c b/third_party/heimdal/lib/krb5/store-int.c >index 542b99abc089..6fe7eb37fc69 100644 >--- a/third_party/heimdal/lib/krb5/store-int.c >+++ b/third_party/heimdal/lib/krb5/store-int.c >@@ -49,7 +49,7 @@ KRB5_LIB_FUNCTION krb5_ssize_t KRB5_LIB_CALL > _krb5_get_int64(void *buffer, uint64_t *value, size_t size) > { > unsigned char *p = buffer; >- unsigned long v = 0; >+ uint64_t v = 0; > size_t i; > for (i = 0; i < size; i++) > v = (v << 8) + p[i]; >-- >2.34.1 >
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=17658">View the attachment on a separate page</a>.</b>
View Attachment As Raw
Flags:
slow
:
review+
Actions:
View
Attachments on
bug 15203
:
17565
|
17567
|
17597
|
17600
|
17617
|
17618
|
17619
|
17620
|
17621
|
17622
|
17623
|
17624
|
17625
|
17627
|
17657
| 17658 |
17659