|Date:||Tue, 6 Jan 2004 14:32:35 -0500 (EST)|
|Subject:||bug in krb5_cc_remove_cred API?|
Download (untitled) / with headers
I am coding a test program that calls krb5_cc_remove_cred and
encountered a problem. Checking out the source
code (krb5-1.3.1.tar) that I downloaded from your site, I believe
the problem is caused by a bug in the code.
The file is src/lib/krb5/ccache/ccfns.c
The function is krb5_cc_remove_cred. This function calls
cache->ops->remove_cred without checking if cache->ops->remove_cred
is NULL. In fact cache->ops->remove_cred is NULL, hence calling
program core dumps. cache->ops is defined as krb5_fcc_ops in
src/lib/krb5/ccache/cc_file.c and the remove_cred entry is NULL.
Please let me know if I am correct or I missed anything.