Skip Menu |
 

Download (untitled) / with headers
text/plain 2.3KiB
From krb5-bugs-incoming-bounces@mit.edu Mon Dec 20 15:59:03 2004
Received: from mailman.mit.edu (PCH.MIT.EDU [18.7.21.90]) by krbdev.mit.edu (8.9.3p2) with ESMTP
id PAA17231; Mon, 20 Dec 2004 15:59:03 -0500 (EST)
Received: from pch.mit.edu (pch.mit.edu [127.0.0.1])
by mailman.mit.edu (8.12.8p2/8.12.8) with ESMTP id iBKKxTYR009555
for <krb5-send-pr@krbdev.mit.edu>; Mon, 20 Dec 2004 15:59:29 -0500
Received: from pacific-carrier-annex.mit.edu (PACIFIC-CARRIER-ANNEX.MIT.EDU
[18.7.21.83])
by mailman.mit.edu (8.12.8p2/8.12.8) with ESMTP id iBIKj5YR024329
for <krb5-bugs-incoming@PCH.mit.edu>; Sat, 18 Dec 2004 15:45:05 -0500
Received: from drosera.info ([217.153.241.133])iBIKiULq027507
for <krb5-bugs@mit.edu>; Sat, 18 Dec 2004 15:44:36 -0500 (EST)
Received: from drosera.info (drosera.info [127.0.0.1])
by drosera.info (8.12.11/8.12.11) with ESMTP id iBIKj6AI016949
for <krb5-bugs@mit.edu>; Sat, 18 Dec 2004 21:45:06 +0100
Received: (from root@localhost)
by drosera.info (8.12.11/8.12.11/Submit) id iBIKj5uh016946;
Sat, 18 Dec 2004 21:45:05 +0100
Date: Sat, 18 Dec 2004 21:45:05 +0100
Message-Id: <200412182045.iBIKj5uh016946@drosera.info>
To: krb5-bugs@mit.edu
From: Marcin Garski <mgarski@post.pl>
X-send-pr-version: 3.99
X-Spam-Score: -4.9
X-Spam-Flag: NO
X-Scanned-By: MIMEDefang 2.42
X-Mailman-Approved-At: Mon, 20 Dec 2004 15:59:27 -0500
Subject: Subscript out of range
X-BeenThere: krb5-bugs-incoming@mit.edu
X-Mailman-Version: 2.1
Precedence: list
Reply-To: mgarski@post.pl
Sender: krb5-bugs-incoming-bounces@mit.edu
Errors-To: krb5-bugs-incoming-bounces@mit.edu


Show quoted text
>Submitter-Id: net
>Originator: Marcin Garski
>Organization:

Show quoted text
>Confidential: no
>Synopsis: Subscript out of range
>Severity: non-critical
>Priority: medium
>Category: krb5-libs
>Class: sw-bug
>Release: krb5-1.3.4
>Environment:

System: Linux drosera.info 2.6.9 #1 Thu Oct 21 23:11:10 CEST 2004 i686 athlon i386 GNU/Linux
Architecture: i686

Show quoted text
>Description:
/src/appl/telnet/libtelnet/kerberos.c
In function kerberos4_status() there is a line (#622):
name[255] = '\0';
But name[] is defined as:
static char name[ANAME_SZ];
and ANAME_SZ == 40

Also one line earlier (#621) there is function call:
strncpy(kname, UserNameRequested, 255);
Show quoted text
>How-To-Repeat:
Please read /src/appl/telnet/libtelnet/kerberos.c file.
Show quoted text
>Fix:
Probably solution:
Instead of 'name[255] = '\0';' there should be a 'kname[255] = '\0';'
From: tlyu@mit.edu
Subject: CVS Commit
* kerberos.c (kerberos4_status): Null-terminate the correct
string. Reported by Marcin Garski.


To generate a diff of this commit:



cvs diff -r5.101 -r5.102 krb5/src/appl/telnet/libtelnet/ChangeLog
cvs diff -r5.27 -r5.28 krb5/src/appl/telnet/libtelnet/kerberos.c
From: tlyu@mit.edu
Subject: CVS Commit
pullup from trunk


To generate a diff of this commit:



cvs diff -r5.100.4.1 -r5.100.4.2
krb5/src/appl/telnet/libtelnet/ChangeLog
cvs diff -r5.27 -r5.27.8.1
krb5/src/appl/telnet/libtelnet/kerberos.c