diff options
Diffstat (limited to 'app-crypt/mit-krb5/files/mit-krb5-CVE-2014-5353.patch')
| -rw-r--r-- | app-crypt/mit-krb5/files/mit-krb5-CVE-2014-5353.patch | 19 |
1 files changed, 19 insertions, 0 deletions
diff --git a/app-crypt/mit-krb5/files/mit-krb5-CVE-2014-5353.patch b/app-crypt/mit-krb5/files/mit-krb5-CVE-2014-5353.patch new file mode 100644 index 000000000000..8f8712beec5f --- /dev/null +++ b/app-crypt/mit-krb5/files/mit-krb5-CVE-2014-5353.patch @@ -0,0 +1,19 @@ +diff --git a/src/plugins/kdb/ldap/libkdb_ldap/ldap_pwd_policy.c b/src/plugins/kdb/ldap/libkdb_ldap/ldap_pwd_policy.c +index 522773e..6779f51 100644 +--- a/src/plugins/kdb/ldap/libkdb_ldap/ldap_pwd_policy.c ++++ b/src/plugins/kdb/ldap/libkdb_ldap/ldap_pwd_policy.c +@@ -314,10 +314,11 @@ krb5_ldap_get_password_policy_from_dn(krb5_context context, char *pol_name, + LDAP_SEARCH(pol_dn, LDAP_SCOPE_BASE, "(objectclass=krbPwdPolicy)", password_policy_attributes); + + ent=ldap_first_entry(ld, result); +- if (ent != NULL) { +- if ((st = populate_policy(context, ld, ent, pol_name, *policy)) != 0) +- goto cleanup; ++ if (ent == NULL) { ++ st = KRB5_KDB_NOENTRY; ++ goto cleanup; + } ++ st = populate_policy(context, ld, ent, pol_name, *policy); + + cleanup: + ldap_msgfree(result); |