]> granicus.if.org Git - curl/commit
projects / curl / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 8732ec4) | patch
krb5: avoid realloc(0)
authorDaniel Stenberg <daniel@haxx.se>
Wed, 28 Sep 2016 10:56:02 +0000 (12:56 +0200)
committerDaniel Stenberg <daniel@haxx.se>
Mon, 31 Oct 2016 07:46:35 +0000 (08:46 +0100)
commit3d6460edeee21d7d790ec570d0887bed1f4366dd
tree65703bcc26fae14358ff6d5653eebe5b013ecaa1tree | snapshot
parent8732ec40db652c53fa58cd13e2acb8eab6e40874commit | diff
krb5: avoid realloc(0)

If the requested size is zero, bail out with error instead of doing a
realloc() that would cause a double-free: realloc(0) acts as a free()
and then there's a second free in the cleanup path.

CVE-2016-8619

Bug: https://curl.haxx.se/docs/adv_20161102E.html
Reported-by: Cure53
lib/security.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.