Bug 6367 – globus_i_gsi_gssapi_openssl_error_result doesn't check array bounds

Bug 6367 - globus_i_gsi_gssapi_openssl_error_result doesn't check array bounds

Summary:

globus_i_gsi_gssapi_openssl_error_result doesn't check array bounds

Status:	RESOLVED FIXED

Product:	GSI C
Component:	Authentication
Version:	4.2.0
Platform:	Macintosh All

Importance:	P3 normal
Target Milestone:	4.2.1
Assigned To:	Joe Bester

URL:
Keywords:	4.0.x

Depends on:
Blocks:
	Show dependency tree / graph

Reported:	2008-09-09 13:15 by Joe Bester
Modified:	2008-09-10 16:05 (History)

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note

You need to log in before you can comment on or make changes to this bug.

Description From Joe Bester 2008-09-09 13:15:39

These cases where detected by coverity prevent run 2:

globus_i_gsi_gssapi_openssl_error_result pulls an error string out of an array
based on its input value. Some GSSAPI major_status values are bit shifted
beyond the end of the array and can cause wild reads.

In particular, gss_import_sec_context() can generate a GSS_S_NO_CONTEXT.
CID #1097

------- Comment #1 From Joe Bester 2008-09-10 16:05:57 -------

Fixes committed to 4.2 branch, 4.0 branch, and trunk. Relevant CIDs marked as
RESOLVED.