[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
possible breakage in kpasswd with 0.5?
(Sorry if this is a duplicate)
With the new release of Heimdal 0.5, there appears to be a problem in the
process_reply method in lib/krb5/changepw.c
On line 178, there's a check to make sure the priv_data.data does not overflow
the reply buffer- except the check is >=, when it looks like it should just
We've experienced the problem when running against Active Directory as the
changepw server- I have not verified it against the heimdal or mit servers.
Changing the test to > fixes the problems we've had.
Is this a real bug, or is there something else wrong?