Diffstat (limited to 'source4/heimdal/lib/krb5/changepw.c')
-rw-r--r-- | source4/heimdal/lib/krb5/changepw.c | 12 |
1 files changed, 8 insertions, 4 deletions
diff --git a/source4/heimdal/lib/krb5/changepw.c b/source4/heimdal/lib/krb5/changepw.c
index 1e7cd0d464f..12f0b154689 100644
--- a/source4/heimdal/lib/krb5/changepw.c
+++ b/source4/heimdal/lib/krb5/changepw.c
@@ -40,7 +40,7 @@
 static void
 str2data (krb5_data *d,
 const char *fmt,
- ...) __attribute__ ((format (printf, 2, 3)));
+ ...) __attribute__ ((__format__ (__printf__, 2, 3)));
 static void
 str2data (krb5_data *d,
@@ -302,6 +302,10 @@ process_reply (krb5_context context,
 _krb5_get_int(reply, &size, 4);
 if (size + 4 < len)
 continue;
+ if (sizeof(reply) - 4 < size) {
+ krb5_set_error_message(context, ERANGE, "size from server too large %s", host);
+ return ERANGE;
+ }
 memmove(reply, reply + 4, size);
 len = size;
 break;
@@ -326,7 +330,7 @@ process_reply (krb5_context context,
 if (len < 6) {
 str2data (result_string, "server %s sent to too short message "
- "(%zu bytes)", host, len);
+ "(%llu bytes)", host, (unsigned long long)len);
 *result_code = KRB5_KPASSWD_MALFORMED;
 return 0;
 }
@@ -714,7 +718,7 @@ krb5_change_password (krb5_context context,
 * @param context a Keberos context
 * @param creds The initial kadmin/passwd for the principal or an admin principal
 * @param newpw The new password to set
- * @param targprinc if unset, the default principal is used.
+ * @param targprinc if unset, the client principal from creds is used
 * @param result_code Result code, KRB5_KPASSWD_SUCCESS is when password is changed.
 * @param result_code_string binary message from the server, contains
 * at least the result_code.
@@ -744,7 +748,7 @@ krb5_set_password(krb5_context context,
 krb5_data_zero(result_string);
 if (targprinc == NULL) {
- ret = krb5_get_default_principal(context, &principal);
+ ret = krb5_copy_principal(context, creds->client, &principal);
 if (ret)
 return ret;
 } else |
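Review bot: The new guard in process_reply bounds the server-supplied `size` by the capacity of `reply` but not by `len`, the number of bytes actually received. As far as the visible lines show, `memmove(reply, reply + 4, size)` can therefore still copy bytes that were never read from the server when the declared length exceeds what has arrived. The guard also runs after `size + 4 < len` has been evaluated. If `size` is a 32-bit unsigned type (its declaration is outside the hunk), a value near the maximum wraps in that sum and takes the `continue` path instead of the ERANGE return, so the range check belongs before that comparison. `sizeof(reply)` is the buffer capacity only if `reply` is declared as an array in this function, which the hunk does not show; a comment such as `/* reject a length prefix that cannot fit in reply[] */` would record the intent.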
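Review bot: With `targprinc == NULL`, krb5_set_password now targets `creds->client` instead of the default principal, and the call site does not explain that choice. The doc comment says `creds` may belong to an admin principal, in which case a NULL target now changes the admin principal's own password, so a comment such as `/* no target given: act on the principal the credentials were issued to */` above the call would help. `creds` and `creds->client` are dereferenced here without a check; whether they are validated earlier in the function is outside the hunk and worth confirming. The release of the copied `principal` is also outside the hunk.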