Skip Menu |
 

Subject: krb5_rd_safe_basic() throws exception when sender_addr is NULL
When 'sender_addr' is NULL, krb5_rd_safe_basic() calls
krb5_address_compare() which throws a NULL pointer exception.

krb5_address_compare() checks to ensure that message->r_address and
recv_addr are not NULL before calling krb5_address_compare() but does
not check the state of sender_addr and message->s_address.

'sender_addr' will be NULL if krb5_rd_safe() is called without
generating address bindings for the auth_context.
To: rt@krbdev.mit.edu
Cc: krb5-prs@mit.edu
Subject: Re: [krbdev.mit.edu #1527] krb5_rd_safe_basic() throws exception when sender_addr is NULL
From: Sam Hartman <hartmans@mit.edu>
Date: Mon, 26 May 2003 14:56:32 -0400
RT-Send-Cc:
Note that s-address is not optional and that krb_mk_safe must fail if
the context does not have address bindings.

So it's only a matter of a segfault vs an error return. I.E. still a
bug but not a very serious one.