@@ -444,11 +444,18 @@ SSH_PACKET_CALLBACK(ssh_packet_userauth_gssapi_token_server){
444444 hexa = ssh_get_hexa (output_token .value , output_token .length );
445445 SSH_LOG (SSH_LOG_PACKET , "GSSAPI: sending token %s" ,hexa );
446446 SAFE_FREE (hexa );
447- ssh_buffer_pack (session -> out_buffer ,
448- "bdP" ,
449- SSH2_MSG_USERAUTH_GSSAPI_TOKEN ,
450- output_token .length ,
451- (size_t )output_token .length , output_token .value );
447+ rc = ssh_buffer_pack (session -> out_buffer ,
448+ "bdP" ,
449+ SSH2_MSG_USERAUTH_GSSAPI_TOKEN ,
450+ output_token .length ,
451+ (size_t )output_token .length , output_token .value );
452+ if (rc != SSH_OK ) {
453+ ssh_set_error_oom (session );
454+ ssh_auth_reply_default (session , 0 );
455+ ssh_gssapi_free (session );
456+ session -> gssapi = NULL ;
457+ return SSH_PACKET_USED ;
458+ }
452459 ssh_packet_send (session );
453460 }
454461
@@ -858,6 +865,7 @@ static gss_OID ssh_gssapi_oid_from_string(ssh_string oid_s)
858865}
859866
860867SSH_PACKET_CALLBACK (ssh_packet_userauth_gssapi_response ){
868+ int rc ;
861869 ssh_string oid_s ;
862870 gss_uint32 maj_stat , min_stat ;
863871 gss_buffer_desc input_token = GSS_C_EMPTY_BUFFER ;
@@ -909,11 +917,15 @@ SSH_PACKET_CALLBACK(ssh_packet_userauth_gssapi_response){
909917 hexa = ssh_get_hexa (output_token .value , output_token .length );
910918 SSH_LOG (SSH_LOG_PACKET , "GSSAPI: sending token %s" , hexa );
911919 SAFE_FREE (hexa );
912- ssh_buffer_pack (session -> out_buffer ,
913- "bdP" ,
914- SSH2_MSG_USERAUTH_GSSAPI_TOKEN ,
915- output_token .length ,
916- (size_t )output_token .length , output_token .value );
920+ rc = ssh_buffer_pack (session -> out_buffer ,
921+ "bdP" ,
922+ SSH2_MSG_USERAUTH_GSSAPI_TOKEN ,
923+ output_token .length ,
924+ (size_t )output_token .length , output_token .value );
925+ if (rc != SSH_OK ) {
926+ ssh_set_error_oom (session );
927+ goto error ;
928+ }
917929 ssh_packet_send (session );
918930 session -> auth .state = SSH_AUTH_STATE_GSSAPI_TOKEN ;
919931 }
@@ -976,6 +988,7 @@ static int ssh_gssapi_send_mic(ssh_session session)
976988}
977989
978990SSH_PACKET_CALLBACK (ssh_packet_userauth_gssapi_token_client ){
991+ int rc ;
979992 ssh_string token ;
980993 char * hexa ;
981994 OM_uint32 maj_stat , min_stat ;
@@ -1028,11 +1041,15 @@ SSH_PACKET_CALLBACK(ssh_packet_userauth_gssapi_token_client){
10281041 hexa = ssh_get_hexa (output_token .value , output_token .length );
10291042 SSH_LOG (SSH_LOG_PACKET , "GSSAPI: sending token %s" ,hexa );
10301043 SAFE_FREE (hexa );
1031- ssh_buffer_pack (session -> out_buffer ,
1032- "bdP" ,
1033- SSH2_MSG_USERAUTH_GSSAPI_TOKEN ,
1034- output_token .length ,
1035- (size_t )output_token .length , output_token .value );
1044+ rc = ssh_buffer_pack (session -> out_buffer ,
1045+ "bdP" ,
1046+ SSH2_MSG_USERAUTH_GSSAPI_TOKEN ,
1047+ output_token .length ,
1048+ (size_t )output_token .length , output_token .value );
1049+ if (rc != SSH_OK ) {
1050+ ssh_set_error_oom (session );
1051+ goto error ;
1052+ }
10361053 ssh_packet_send (session );
10371054 }
10381055
0 commit comments