The error Coverity complains about is in the malloc. krb5_enctypes is
an enum, so it is usually smaller than the size of a pointer. So we
overallocate, but in the memcpy further down we copy from potentially
invalid memory.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Wed Nov 13 11:05:44 CET 2013 on sn-devel-104
;
i++;
- *ret_enctypes = malloc(sizeof(ret_enctypes[0]) * i);
+ *ret_enctypes = malloc(sizeof(enctypes[0]) * i);
if (*ret_enctypes == NULL) {
krb5_set_error_message(context, ENOMEM,
N_("malloc: out of memory", ""));
return ENOMEM;
}
- memcpy(*ret_enctypes, enctypes, sizeof(ret_enctypes[0]) * i);
+ memcpy(*ret_enctypes, enctypes, sizeof(enctypes[0]) * i);
return 0;
}