$NetBSD: patch-CVE-2014-4344,v 1.1 2014/08/28 22:23:05 tez Exp $

fix for CVE-2014-4344 from:
https://github.com/krb5/krb5/commit/a7886f0ed1277c69142b14a2c6629175a6331edc

--- lib/gssapi/spnego/spnego_mech.c
+++ lib/gssapi/spnego/spnego_mech.c
@@ -1442,7 +1442,7 @@ acc_ctx_cont(OM_uint32 *minstat,
 
 	ptr = bufstart = buf->value;
 #define REMAIN (buf->length - (ptr - bufstart))
-	if (REMAIN > INT_MAX)
+	if (REMAIN == 0 || REMAIN > INT_MAX)
 		return GSS_S_DEFECTIVE_TOKEN;
 
 	/*
