From: | gsu@UU.NET |
Date: | Tue, 6 Jan 2004 14:32:35 -0500 (EST) |
To: | krb5-bugs@mit.edu |
Cc: | grace.su@mci.com |
Subject: | bug in krb5_cc_remove_cred API? |
Hi,
I am coding a test program that calls krb5_cc_remove_cred and
encountered a problem. Checking out the source
code (krb5-1.3.1.tar) that I downloaded from your site, I believe
the problem is caused by a bug in the code.
The file is src/lib/krb5/ccache/ccfns.c
The function is krb5_cc_remove_cred. This function calls
cache->ops->remove_cred without checking if cache->ops->remove_cred
is NULL. In fact cache->ops->remove_cred is NULL, hence calling
program core dumps. cache->ops is defined as krb5_fcc_ops in
src/lib/krb5/ccache/cc_file.c and the remove_cred entry is NULL.
Please let me know if I am correct or I missed anything.
Thank you.
Grace Su
grace.su@mci.com