Skip Menu |
 

To: rt-krb5@krbdev.mit.edu
Subject: get_in_tkt_with_keytab passes wrong pointer to get_init_creds
From: Tom Yu <tlyu@mit.edu>
Date: Fri, 27 Jun 2003 13:35:00 -0400
Download (untitled)
message/rfc822 2.1KiB
Return-Path: <herb@sgi.com>
Sender: herb@chomps.engr.sgi.com
Message-ID: <3EFA2803.EB1D2EC2@sgi.com>
Date: Wed, 25 Jun 2003 15:53:55 -0700
From: Herb Lewis <herb@sgi.com>
Organization: Silicon Graphics Inc.
To: Tom Yu <tlyu@mit.edu>
Subject: Re: krb5-1.3-beta4 is available
References: <ldvel1tnvcj.fsf@cathode-dark-space.mit.edu>
Lines: 59
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="==-=-="

--==-=-=

There is a minor problem we have discovered in the file

krb5-1.3-beta4/src/lib/krb5/krb/gic_keytab.c

In the function krb5_get_in_tkt_with_keytab you define the following
variable

krb5_keytab keytab; (krb5_keytab is actually a pointer to a structure)

and then pass the variable to the function krb5_get_init_creds as
&keytab (the argument is (void *)gak_data in this function). This
variable is then passed to the routine krb5_get_as_key_keytab where
it is used in the assignment

krb5_keytab keytab = (krb5_keytab) gak_data;

but at this point it is actually a pointer to a krb5_keytab.

All other calls to krb5_get_init_creds use (void *) keytab not
&keytab as the argument.

We get a SEGV because of a null pointer dereference when you use
the command "kadmin -k". The following patch fixes this.

--
======================================================================
Herb Lewis Silicon Graphics
Networking Engineer 1600 Amphitheatre Pkwy MS-510
Strategic Software Organization Mountain View, CA 94043-1351
herb@sgi.com Tel: 650-933-2177
http://www.sgi.com Fax: 650-932-2177
PGP Key: 0x8408D65D
======================================================================
--==-=-=
Content-Type: text/plain; name=patches
Content-Disposition: inline; filename=patches

--- krb5-1.3-beta4/src/lib/krb5/krb/gic_keytab.c.orig
+++ krb5-1.3-beta4/src/lib/krb5/krb/gic_keytab.c
@@ -174,7 +174,7 @@
creds, creds->client,
krb5_prompter_posix, NULL,
0, server, &opt,
- krb5_get_as_key_keytab, &keytab,
+ krb5_get_as_key_keytab, (void *) keytab,
0, ret_as_reply);
krb5_free_unparsed_name( context, server);
if (retval) {

--==-=-=--
From: tlyu@mit.edu
Subject: CVS Commit
* gic_keytab.c (krb5_get_in_tkt_with_keytab): Pass (void*)keytab,
not &keytab, to get_init_creds. Thanks to Herb Lewis.


To generate a diff of this commit:



cvs diff -r5.415 -r5.416 krb5/src/lib/krb5/krb/ChangeLog
cvs diff -r5.13 -r5.14 krb5/src/lib/krb5/krb/gic_keytab.c
From: tlyu@mit.edu
Subject: CVS Commit
pullup from trunk


To generate a diff of this commit:



cvs diff -r5.378.2.23 -r5.378.2.24 krb5/src/lib/krb5/krb/ChangeLog
cvs diff -r5.10.2.3 -r5.10.2.4 krb5/src/lib/krb5/krb/gic_keytab.c