Overview

File krb5-CVE-2023-36054.patch of Package opengauss

diff -Naur a/src/lib/kadm5/kadm_rpc_xdr.c b/src/lib/kadm5/kadm_rpc_xdr.c
--- a/src/lib/kadm5/kadm_rpc_xdr.c	2023-09-01 16:16:12.843658117 +0800
+++ b/src/lib/kadm5/kadm_rpc_xdr.c	2023-09-01 16:12:03.704811364 +0800
@@ -390,6 +390,7 @@
 			     int v)
 {
 	unsigned int n;
+	bool_t r;
 
 	if (!xdr_krb5_principal(xdrs, &objp->principal)) {
 		return (FALSE);
@@ -443,6 +444,9 @@
 	if (!xdr_krb5_int16(xdrs, &objp->n_key_data)) {
 		return (FALSE);
 	}
+	if (xdrs->x_op == XDR_DECODE && objp->n_key_data < 0) {
+		return (FALSE);
+	}
 	if (!xdr_krb5_int16(xdrs, &objp->n_tl_data)) {
 		return (FALSE);
 	}
@@ -451,9 +455,10 @@
 		return FALSE;
 	}
 	n = objp->n_key_data;
-	if (!xdr_array(xdrs, (caddr_t *) &objp->key_data,
-		       &n, ~0, sizeof(krb5_key_data),
-		       xdr_krb5_key_data_nocontents)) {
+	r = xdr_array(xdrs, (caddr_t *) &objp->key_data, &n, objp->n_key_data,
+		      sizeof(krb5_key_data), xdr_krb5_key_data_nocontents);
+	objp->n_key_data = n;
+	if (!r) {
 		return (FALSE);
 	}
openSUSE Build Service is sponsored by
Places