From krb5-bugs-incoming-bounces@mit.edu Thu Jun 24 20:06:38 2004
Received: from pch.mit.edu (PCH.MIT.EDU [18.7.21.90]) by krbdev.mit.edu (8.9.3p2) with ESMTP
id UAA12075; Thu, 24 Jun 2004 20:06:38 -0400 (EDT)
Received: from pch.mit.edu (localhost [127.0.0.1])
by pch.mit.edu (8.12.8p2/8.12.8) with ESMTP id i5P06cl1011604
for <krb5-send-pr@krbdev.mit.edu>; Thu, 24 Jun 2004 20:06:38 -0400 (EDT)
Received: from pacific-carrier-annex.mit.edu (PACIFIC-CARRIER-ANNEX.MIT.EDU
[18.7.21.83])
by pch.mit.edu (8.12.8p2/8.12.8) with ESMTP id i5LKaSl1021893
for <krb5-bugs-incoming@PCH.mit.edu>;
Mon, 21 Jun 2004 16:36:28 -0400 (EDT)
Received: from lnscu5.lns.cornell.edu (lnscu5.lns.cornell.edu [128.84.44.111])
i5LKaPSD015955
for <krb5-bugs@mit.edu>; Mon, 21 Jun 2004 16:36:25 -0400 (EDT)
Received: from lnscua.lns.cornell.edu (lnscua.lns.cornell.edu [128.84.45.62])
i5LKaJu8016868
for <krb5-bugs@mit.edu>; Mon, 21 Jun 2004 16:36:19 -0400 (EDT)
From: Dan Riley <dsr@mail.lns.cornell.edu>
Received: by lnscua.lns.cornell.edu (8.8.8/1.1.10.5/23Nov96-0144PM)
id QAA0000011073; Mon, 21 Jun 2004 16:36:19 -0400 (EDT)
Date: Mon, 21 Jun 2004 16:36:19 -0400 (EDT)
Message-Id: <200406212036.QAA0000011073@lnscua.lns.cornell.edu>
To: krb5-bugs@mit.edu
X-send-pr-version: 3.99
X-Mailman-Approved-At: Thu, 24 Jun 2004 20:06:35 -0400
Subject: None
X-BeenThere: krb5-bugs-incoming@mit.edu
X-Mailman-Version: 2.1
Precedence: list
Reply-To: dsr@mail.lns.cornell.edu
Sender: krb5-bugs-incoming-bounces@mit.edu
Errors-To: krb5-bugs-incoming-bounces@mit.edu
>Submitter-Id: net
>Originator: Dan Riley
>Organization:
Cornell University Laboratory for Elementary-Particle Physics
>Confidential: no
>Synopsis: profile parser sometimes handles tabs incorrectly
>Severity: serious
>Priority: high
>Category: krb5-admin
>Class: sw-bug
>Release: krb5-1.3.4
>Environment:
System: OSF1 lnscua.lns.cornell.edu V4.0 1229 alpha
Machine: alpha
>Description:
the profile parser incorrectly parses relations where there are tabs following the tag
>How-To-Repeat:
Create a profile line where the tag is followed by a tab and a space, e.g.
master_key_type\t = des-cbc-crc
(where \t should be replaced by an actual tab character). Observe
that the relation is no longer applied by running a program that
depends on this value--for example, kadmin.local on a kdc where the
master key is des-cbc-crc encrypted:
root_lnscu8> kadmin.local
Authenticating as principal dsr/admin@LNS.CORNELL.EDU with password.
kadmin.local: Stored master key is corrupted while initializing kadmin.local interface
The problem is line 155 in prof_parse.c:
p = strchr(tag, ' ');
which leaves the tab character part of the tag name, so subsequent
comparisons fail to match.
>Fix:
Simplest fixes are to either strchr on everything that could match isspace() (which may be locale dependent) or to back up over the
white space. The patch below implements the second option. This
will miss syntax errors which the old code did not, as the 'p != cp'
test will never succeed with this change (so it might as well be
removed). A smarter patch might be to just replace
p = strchr(tag, ' ');
if (p) {
with
for (p = tag; *p && !isspace((int) (*p)); ++p);
if (*p) {
Index: prof_parse.c
===================================================================
RCS file: /nfs/localsrc/cvsroot/krb5/util/profile/prof_parse.c,v
retrieving revision 1.1.1.5
diff -u -r1.1.1.5 prof_parse.c
--- prof_parse.c 9 Jan 2004 20:41:58 -0000 1.1.1.5
+++ prof_parse.c 21 Jun 2004 17:50:23 -0000
@@ -152,9 +152,10 @@
if (!cp)
return PROF_RELATION_SYNTAX;
*cp = '\0';
- p = strchr(tag, ' ');
- if (p) {
- *p = '\0';
+ p = cp - 1;
+ if (*p && isspace((int) (*p))) {
+ while (*p && isspace((int) (*p))) --p;
+ *++p = '\0';
p = skip_over_blanks(p+1);
if (p != cp)
return PROF_RELATION_SYNTAX;
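Review bot: `p = cp - 1` is dereferenced with no check that `cp > tag`, and the backward `while` loop has no lower bound at `tag`; the visible context only tests `!cp`, so a line that begins with `=` would make this read one byte before the tag. Return PROF_RELATION_SYNTAX when `cp == tag` and stop the loop while `p > tag`. Because everything between the new terminator and `cp` is white space by construction, `if (p != cp)` can no longer fire, so a tag with embedded white space such as `foo bar = x` is now accepted as a single tag instead of being rejected; the forward scan proposed in the report (`for (p = tag; *p && !isspace(...); ++p);`) fixes the tab case and keeps that syntax check. The argument to isspace() should also go through `(unsigned char)`, since casting a negative plain `char` straight to `int` gives undefined behaviour there.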
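The tag-splitting behaviour described in the report, as an added example (not code from prof_parse.c or from the report): it compares cutting the tag at the first space with the forward isspace() scan the report suggests. The names skip_ws, split_tag and tag_is are hypothetical, the behaviour of skip_over_blanks() is assumed, and the input lines are constructed.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

/* Stand-in for the parser's skip_over_blanks() (behaviour assumed). */
static char *skip_ws(char *s)
{
    while (isspace((unsigned char)*s))
        s++;
    return s;
}

/* Split "tag = value" in place and return the tag, or NULL on a syntax
 * error. use_isspace == 0 cuts the tag at the first ' ' only (the reported
 * behaviour); 1 uses the forward isspace() scan suggested in the report. */
static char *split_tag(char *line, int use_isspace)
{
    char *tag = skip_ws(line), *cp = strchr(tag, '='), *p;
    if (cp == NULL || cp == tag)        /* no '=' or empty tag */
        return NULL;
    *cp = '\0';
    if (use_isspace)
        for (p = tag; *p && !isspace((unsigned char)*p); ++p)
            ;
    else
        p = strchr(tag, ' ');
    if (p != NULL && *p != '\0') {
        *p = '\0';
        if (skip_ws(p + 1) != cp)       /* only blanks may precede '=' */
            return NULL;
    }
    return tag;
}

/* 1 if the parsed tag equals want, 0 if it differs, -1 on syntax error. */
static int tag_is(const char *text, int use_isspace, const char *want)
{
    char line[128], *tag;
    snprintf(line, sizeof line, "%s", text);
    tag = split_tag(line, use_isspace);
    return tag == NULL ? -1 : strcmp(tag, want) == 0;
}

int main(void)
{
    const char *s = "master_key_type\t = des-cbc-crc"; /* constructed sample */
    printf("strchr(' '): %d, isspace scan: %d\n",
           tag_is(s, 0, "master_key_type"), tag_is(s, 1, "master_key_type"));
    return 0;
}
```

With the space-only cut the tag keeps its trailing tab, so a lookup for master_key_type silently misses; the forward scan matches and still rejects a tag with embedded white space.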