Skip Menu |
 

Download (untitled) / with headers
text/plain 4.1KiB
From John.C.Hayward@wheaton.edu Tue Jan 14 00:31:06 1997
Received: from MIT.EDU (PACIFIC-CARRIER-ANNEX.MIT.EDU [18.69.0.28]) by rt-11.MIT.EDU (8.7.5/8.7.3) with SMTP id AAA10092 for <bugs@RT-11.MIT.EDU>; Tue, 14 Jan 1997 00:31:01 -0500
Received: from wheaton.wheaton.edu by MIT.EDU with SMTP
id AA06500; Tue, 14 Jan 97 00:31:00 EST
Received: from david.wheaton.edu (johnh@david.wheaton.edu [192.138.89.15]) by wheaton.wheaton.edu (8.8.4/wheaton) with SMTP id XAA12558 for <krb5-bugs@mit.edu>; Mon, 13 Jan 1997 23:34:34 -0600
Message-Id: <Pine.ULT.3.95.970113231348.952B-100000@david.wheaton.edu>
Date: Mon, 13 Jan 1997 23:19:45 -0600 (CST)
From: "John C. Hayward" <John.C.Hayward@wheaton.edu>
To: krb-bugs@MIT.EDU
Subject: kdb5_util loadv4 segfaults when stash file defaulted

Show quoted text
>Number: 341
>Category: krb5-admin
>Synopsis: kdb5_util load_v4 with default stash file causes segmentation fault
>Confidential: no
>Severity: non-critical
>Priority: medium
>Responsible: bjaspan
>State: closed
>Class: sw-bug
>Submitter-Id: unknown
>Arrival-Date: Tue Jan 14 00:32:00 EST 1997
>Last-Modified: Wed Mar 12 01:27:01 EST 1997
>Originator: John Hayward
>Organization:
Wheaton College
Show quoted text
>Release: 1.0
>Environment:
System: NetBSD johnh.wheaton.edu 1.2B NetBSD 1.2B (JOHNH) #0: Thu Nov 14 23:43:13 PST 1996 johnh@johnhnew.wheaton.edu:/usr/src/sys/arch/i386/compile/JOHNH i386


Show quoted text
>Description:
When attempting to do a kdb5_util load_v4 without a stash file the
kdb5_util causes a segmentation fault.
Show quoted text
>How-To-Repeat:
Do a kdb5_util load_v4 without configuring a stash file or specifing
a stash file as the command line option. I believe the stash file involved
is the kerberos 5 stash file.
Show quoted text
>Fix:
Line 195 of loadv4.c calls strdup with NULL argument. On NetBSD
strdup calls strlen with this argument which causes a segmentation fault.
I was able to verify under Ultrix 4.4 that passing a NULL argument to
strlen also causes a segmentation fault. While I am not an expert on
what strdup should do with a NULL argument the following replacement of
Line 195 of loadv4.c fixed the problem for me:

stash_file = global_params.stash_file ?
strdup(global_params.stash_file) : NULL;

It may be that if stash_file is explicitly configured and/or if
the stash file is specified on the command line that
global_params.stash_file may not be NULL but I did not check this out. It
might be a work around for those without source.


Show quoted text
>Audit-Trail:

State-Changed-From-To: open-closed
State-Changed-By: tytso
State-Changed-When: Wed Mar 12 01:26:27 1997
State-Changed-Why: Fix checked in


From: "Theodore Y. Ts'o" <tytso@MIT.EDU>
To: "John C. Hayward" <John.C.Hayward@wheaton.edu>
Cc: krb5-bugs@MIT.EDU
Subject: Re: krb5-admin/341: kdb5_util load_v4 with default stash file causes segmentation fault
Date: Wed, 12 Mar 1997 01:25:04 -0500

From John.C.Hayward@wheaton.edu Tue Jan 14 00:31:06 1997
Date: Mon, 13 Jan 1997 23:19:45 -0600 (CST)

When attempting to do a kdb5_util load_v4 without a stash file the
kdb5_util causes a segmentation fault.

Thanks for submitting this bug report! I applied the following change to
our sources to fix the problem:

RCS file: /mit/krbdev/.cvsroot/src/kadmin/dbutil/loadv4.c,v
retrieving revision 1.10
diff -u -r1.10 loadv4.c
--- loadv4.c 1997/02/20 06:10:37 1.10
+++ loadv4.c 1997/03/12 06:19:45
@@ -194,7 +194,8 @@
dbname = global_params.dbname;
mkey_name = global_params.mkey_name;
master_keyblock.enctype = global_params.enctype;
- stash_file = strdup(global_params.stash_file);
+ if (global_params.stash_file)
+ stash_file = strdup(global_params.stash_file);
rblock.max_life = global_params.max_life;
rblock.max_rlife = global_params.max_rlife;
rblock.expiration = global_params.expiration;

- Ted
Show quoted text
>Unformatted:
X-send-pr-version: 3.99

Fixed, with the following checkins...

/mit/krbdev/.cvsroot/src/kadmin/dbutil/loadv4.c,v <-- loadv4.c
new revision: 1.11; previous revision: 1.10
/mit/krbdev/.cvsroot/src/kadmin/dbutil/ChangeLog,v <-- ChangeLog
new revision: 1.32; previous revision: 1.31