Skip Menu |
 

Download (untitled) / with headers
text/plain 2.4KiB
From dsr@lnscu5.lns.cornell.edu Fri Feb 22 14:39:05 2002
Received: from fort-point-station.mit.edu (FORT-POINT-STATION.MIT.EDU [18.7.7.76])
by rt-11.mit.edu (8.9.3/8.9.3) with ESMTP id OAA20794
for <bugs@RT-11.mit.edu>; Fri, 22 Feb 2002 14:39:04 -0500 (EST)
Received: from lnscu5.lns.cornell.edu (lnscu5.lns.cornell.edu [128.84.44.111])
by fort-point-station.mit.edu (8.9.2/8.9.2) with ESMTP id OAA10933
for <krb5-bugs@mit.edu>; Fri, 22 Feb 2002 14:39:04 -0500 (EST)
Received: from lnscu6.lns.cornell.edu (lnscu6.lns.cornell.edu [128.84.45.151])
by lnscu5.lns.cornell.edu (8.12.1/8.12.1) with ESMTP id g1MJd4o2012583
for <krb5-bugs@mit.edu>; Fri, 22 Feb 2002 14:39:04 -0500 (EST)
Received: by lnscu6.lns.cornell.edu (8.8.8/1.1.22.3/15Feb00-0854AM)
id OAA0000019720; Fri, 22 Feb 2002 14:39:03 -0500 (EST)
Message-Id: <200202221939.OAA0000019720@lnscu6.lns.cornell.edu>
Date: Fri, 22 Feb 2002 14:39:03 -0500 (EST)
From: Dan Riley <dsr@mail.lns.cornell.edu>
Reply-To: dsr@mail.lns.cornell.edu
To: krb5-bugs@mit.edu
Subject: incorrect option processing in kg2_parse_token
X-Send-Pr-Version: 3.99

Show quoted text
>Number: 1064
>Category: krb5-libs
>Synopsis: incorrect option processing in kg2_parse_token
>Confidential: no
>Severity: non-critical
>Priority: medium
>Responsible: krb5-unassigned
>State: open
>Class: sw-bug
>Submitter-Id: unknown
>Arrival-Date: Fri Feb 22 14:40:01 EST 2002
>Last-Modified:
>Originator: Dan Riley
>Organization:
LNS, Cornell U.
Show quoted text
>Release: krb5-1.2.3
>Environment:
System: OSF1 lnscu6.lns.cornell.edu V4.0 1229 alpha
Machine: alpha
Show quoted text
>Description:
The comments for kg2_parse_token say:

noptions/options lists all the options which the caller cares
about. Those which are present in the token are filled in; the
order and length are not changed.

The current code actually assigns all options to options[0], due
to '='/'==' typo and a misplaced break.
Show quoted text
>How-To-Repeat:
>Fix:
diff -ur krb5-1.2.3/src/lib/gssapi/krb5/util_ctxsetup.c krb5/lib/gssapi/krb5/util_ctxsetup.c
--- krb5-1.2.3/src/lib/gssapi/krb5/util_ctxsetup.c Wed Jan 9 17:27:43 2002
+++ krb5/lib/gssapi/krb5/util_ctxsetup.c Sat Sep 18 13:11:28 1999
@@ -103,11 +103,11 @@
goto defective;

for (i=0; i<noptions; i++) {
- if (options[i].option_id = opt_id) {
+ if (options[i].option_id == opt_id) {
options[i].length = field_length;
options[i].data = ptr;
+ break;
}
- break;
}

ptr += field_length;
Show quoted text
>Audit-Trail:
>Unformatted:
No longer relevant, as we have deleted that code.