From kenh@cmf.nrl.navy.mil Fri Mar 7 16:55:40 1997
Received: from MIT.EDU (SOUTH-STATION-ANNEX.MIT.EDU [18.72.1.2])
    by rt-11.MIT.EDU (8.7.5/8.7.3) with SMTP id QAA01914 for ;
    Fri, 7 Mar 1997 16:55:36 -0500
Received: from ginger.cmf.nrl.navy.mil by MIT.EDU with SMTP id AA08239;
    Fri, 7 Mar 97 16:55:34 EST
Received: from nexus.cmf.nrl.navy.mil (kenh@nexus.cmf.nrl.navy.mil [134.207.10.9])
    by ginger.cmf.nrl.navy.mil (8.8.5/8.8.5) with ESMTP id QAA13594 for ;
    Fri, 7 Mar 1997 16:55:23 -0500 (EST)
Received: (kenh@localhost) by nexus.cmf.nrl.navy.mil (8.7.5/8.6.11) id QAA10493;
    Fri, 7 Mar 1997 16:55:32 -0500 (EST)
Message-Id: <199703072155.QAA10493@nexus.cmf.nrl.navy.mil>
Date: Fri, 7 Mar 1997 16:55:32 -0500 (EST)
From: Ken Hornstein
Reply-To: kenh@cmf.nrl.navy.mil
To: krb5-bugs@MIT.EDU
Subject: Password history doesn't work unless there are already old keys
X-Send-Pr-Version: 3.99

>Number: 386
>Category: krb5-admin
>Synopsis: Kadmind pw history doesn't work if there aren't already passwords in the database
>Confidential: no
>Severity: serious
>Priority: high
>Responsible: bjaspan
>State: closed
>Class: sw-bug
>Submitter-Id: unknown
>Arrival-Date: Fri Mar 07 16:56:01 EST 1997
>Last-Modified: Fri May 30 15:58:17 EDT 1997
>Originator: Ken Hornstein
>Organization: Navel Research Lab
>Release: 1.0
>Environment:
System: SunOS nexus 4.1.4 2 sun4m
Architecture: sun4

>Description:
If you don't already have old keys stored for a user and give them a password policy that stores old passwords, they will get "not enough memory" when they try to change their password.

I tracked this down to code in add_to_history, in svr_principal. This function calls realloc() with a pointer to the old keys. However, if there are no old keys, then realloc gets called with a NULL pointer, and this fails under SunOS.

I'm not sure if it's SunOS that's broken here; certainly most other systems treat realloc(NULL,...) like malloc.

>How-To-Repeat:
Try to create a password history policy with a kadmind on SunOS.

>Fix:
This fixes it for me.

--- lib/kadm5/srv/svr_principal.c.orig Mon Nov 11 17:05:18 1996 +++ lib/kadm5/srv/svr_principal.c Fri Mar 7 16:08:40 1997 @@ -964,9 +964,14 @@ /* resize the adb->old_keys array if necessary */ if (adb->old_key_len < pol->pw_history_num-1) { - adb->old_keys = (osa_pw_hist_ent *) - realloc(adb->old_keys, - (adb->old_key_len+1)*sizeof(osa_pw_hist_ent)); + if (adb->old_keys == NULL) { + adb->old_keys = (osa_pw_hist_ent *) + malloc(((adb->old_key_len+1)*sizeof(osa_pw_hist_ent))); + } else { + adb->old_keys = (osa_pw_hist_ent *) + realloc(adb->old_keys, + (adb->old_key_len+1)*sizeof(osa_pw_hist_ent)); + } if (adb->old_keys == NULL) return(ENOMEM);

>Audit-Trail:
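Review bot: in the else branch the realloc() result is assigned straight back to adb->old_keys, so when realloc() fails the only pointer to the existing history array is overwritten with NULL before return(ENOMEM), which leaks the block and leaves adb->old_key_len counting entries that are no longer reachable. Assign the result to a temporary osa_pw_hist_ent pointer, return ENOMEM if it is NULL, and only then store it in adb->old_keys. The new malloc() branch also deserves a one-line comment saying it exists because realloc(NULL, ...) fails on some C libraries (SunOS here), otherwise a later cleanup is likely to fold it back into a single realloc() call.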
From: "Theodore Y. Ts'o"
To: krb5-bugs@MIT.EDU, kenh@cmf.nrl.navy.mil
Cc: bjaspan@MIT.EDU, gnats-admin@RT-11.MIT.EDU, krb5-prs@RT-11.MIT.EDU
Subject: Re: krb5-admin/386: Password history doesn't work unless there are already old keys
Date: Fri, 7 Mar 1997 17:27:26 -0500

   Date: Fri, 7 Mar 1997 16:55:32 -0500 (EST)
   From: Ken Hornstein

   I tracked this down to code in add_to_history, in svr_principal. This function calls realloc() with a pointer to the old keys. However, if there are no old keys, then realloc gets called with a NULL pointer, and this fails under SunOS.

   I'm not sure if it's SunOS that's broken here; certainly most other systems treat realloc(NULL,...) like malloc.

The ANSI C standard specifies that realloc(NULL, size) behaves like malloc(size). (See 7.10.3.4). We've had to work around this sort of bug before; we just missed this case in the new kadmin code.

Thanks for pointing it out!

- Ted

State-Changed-From-To: open-feedback
State-Changed-By: tlyu
State-Changed-When: Sun Mar 9 18:07:19 1997
State-Changed-Why: Change checked in. lib/kadm5/srv/svr_principal.c 1.10
This probably wants to go in the 1.0 patch-1

State-Changed-From-To: feedback-closed
State-Changed-By: tlyu
State-Changed-When: Fri May 30 15:58:06 1997
State-Changed-Why: 1.0pl1 has been released

>Unformatted:
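
The workaround discussed in this report, written as a small wrapper (an added example, not code from the krb5 tree): a NULL pointer is routed to malloc() so growth works on C libraries where realloc(NULL, n) fails, and the result goes through a temporary so a failed allocation does not lose the existing array. The names hist_ent, compat_reallocarray and hist_grow are hypothetical.

```c
#include <errno.h>
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical stand-in for osa_pw_hist_ent; the fields are assumptions. */
typedef struct {
    int n_key_data;
    void *key_data;
} hist_ent;

/*
 * realloc() front end for C libraries that predate ANSI C, where
 * realloc(NULL, n) fails instead of acting like malloc(n).
 * Rejects count * size overflow. On failure the old block is untouched.
 */
static void *compat_reallocarray(void *p, size_t count, size_t size)
{
    if (size != 0 && count > SIZE_MAX / size) {
        errno = ENOMEM;
        return NULL;
    }
    if (p == NULL)
        return malloc(count * size);
    return realloc(p, count * size);
}

/*
 * Grow a history array by one zeroed slot. The new pointer is held in a
 * temporary, so *keys and *len stay valid if the allocation fails.
 * Returns 0 on success, ENOMEM on failure.
 */
int hist_grow(hist_ent **keys, unsigned int *len)
{
    hist_ent *tmp;

    tmp = compat_reallocarray(*keys, (size_t)*len + 1, sizeof(hist_ent));
    if (tmp == NULL)
        return ENOMEM;
    memset(&tmp[*len], 0, sizeof(hist_ent));
    *keys = tmp;
    (*len)++;
    return 0;
}
```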