Hans Leidekker (@hans) commented about dlls/kerberos/unixlib.c:
ret = pgss_unwrap_iov( &minor_status, ctx, &conf_state, NULL, iov, 2 );
TRACE( "gss_unwrap_iov returned %#x minor status %#x\n", ret, minor_status );
if (GSS_ERROR( ret )) trace_gss_status( ret, minor_status );
if (ret == GSS_S_COMPLETE)
{
if (params->data_length < iov[1].buffer.length)
{
free( iov[0].buffer.value );
return SEC_E_BUFFER_TOO_SMALL;
}
memcpy( params->data, iov[1].buffer.value, iov[1].buffer.length );
/* check whether DATA buffer points within STREAM buffer */
if (!((char *)iov[1].buffer.value >= (char *)iov[0].buffer.value && (char *)iov[1].buffer.value < (char *)iov[0].buffer.value + iov[0].buffer.length))
pgss_release_buffer( &minor_status, &iov[1].buffer );
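Review bot: The `SEC_E_BUFFER_TOO_SMALL` return frees `iov[0].buffer.value` but skips the conditional `pgss_release_buffer( &minor_status, &iov[1].buffer )` that the success path runs after the `memcpy`, so whenever that release is actually required the early return leaks the DATA buffer. Computing the containment result once before the length check (for example into a local such as `data_in_stream`) and adding `if (!data_in_stream) pgss_release_buffer( &minor_status, &iov[1].buffer );` ahead of the `free` would keep both exits consistent. The containment test also checks only the start of DATA against the STREAM range and uses relational comparison on pointers that may belong to different objects, which C leaves undefined; comparing the addresses as `uintptr_t` and also bounding `value + length` by the end of STREAM would be stricter. The `if (ret == GSS_S_COMPLETE)` block continues past the quoted lines, so the later cleanup of `iov[0]` is not visible here.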
Why do we need to release the buffer if we're not passing GSS_C_BUFFER_FLAG_ALLOCATE?