mirrors/JetBrainsRuntime
1
0
Fork 0
mirror of https://github.com/JetBrains/JetBrainsRuntime.git synced 2025-12-06 09:29:38 +01:00
Code Issues Packages Projects Releases Wiki Activity

8325680: Uninitialised memory in deleteGSSCB of GSSLibStub.c:179

Browse Source 
Reviewed-by: valeriep, djelinski
This commit is contained in:
Weijun Wang
2024-02-27 22:26:08 +00:00
parent 349df0a0e5
commit 419191c653
1 changed files with 5 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
src/java.security.jgss/share/native/libj2gss/GSSLibStub.c
View File

@@ -1,5 +1,5 @@
/*
* Copyright (c) 2005, 2023, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2005, 2024, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -196,7 +196,10 @@ gss_channel_bindings_t newGSSCB(JNIEnv *env, jobject jcb) {
return GSS_C_NO_CHANNEL_BINDINGS;
}
cb = malloc(sizeof(struct gss_channel_bindings_struct));
// initialize cb as zeroes to avoid uninitialized pointer being
// freed when deleteGSSCB is called at cleanup.
cb = calloc(1, sizeof(struct gss_channel_bindings_struct));
if (cb == NULL) {
gssThrowOutOfMemoryError(env, NULL);
return NULL;
@@ -216,9 +219,6 @@ gss_channel_bindings_t newGSSCB(JNIEnv *env, jobject jcb) {
cb->initiator_addrtype = GSS_C_AF_NULLADDR;
cb->acceptor_addrtype = GSS_C_AF_NULLADDR;
}
// addresses needs to be initialized to empty
memset(&cb->initiator_address, 0, sizeof(cb->initiator_address));
memset(&cb->acceptor_address, 0, sizeof(cb->acceptor_address));
/* set up initiator address */
jinetAddr = (*env)->CallObjectMethod(env, jcb,