Bug 3873 – possible negative argument to malloc() in globus_gss_assist_token_get_fd()

Bug 3873 - possible negative argument to malloc() in globus_gss_assist_token_get_fd()

Summary:

possible negative argument to malloc() in globus_gss_assist_token_get_fd()

Status:	RESOLVED FIXED

Product:	GSI C
Component:	Authentication
Version:	4.0.1
Platform:	Macintosh All

Importance:	P3 minor
Target Milestone:	---
Assigned To:	Raj Kettimuthu

URL:
Keywords:

Depends on:
Blocks:
	Show dependency tree / graph

Reported:	2005-11-01 17:38 by Jim Basney
Modified:	2008-08-11 15:22 (History)

Attachments
patch to gss_assist/source/tokens_f.c (664 bytes, patch) 2005-11-01 17:39, Jim Basney	Details
Add an attachment (proposed patch, testcase, etc.)

Note

You need to log in before you can comment on or make changes to this bug.

Description From Jim Basney 2005-11-01 17:38:05

Random network data can cause globus_gss_assist_token_get_fd() to pass
a negative argument to malloc().  On Mac OS 10.3, I sometimes see

  *** malloc_zone_malloc[1596]: argument too large: 4294246397
  Bus error

when testing how the myproxy-server handles garbage input.  I'm
attaching a one-line patch below.

------- Comment #1 From Jim Basney 2005-11-01 17:39:24 -------

Created an attachment (id=735) [details]
patch to gss_assist/source/tokens_f.c

------- Comment #2 From Raj Kettimuthu 2005-11-02 12:13:37 -------

Fix committed to trunk and 4_0 branch