Ticket History #5301: MITKRB5-SA-2006-002: svctcp_destroy() can call uninitialized function pointer

# Tue Jan 09 14:45:15 2007 tlyu (Taylor Yu) - Ticket created

From:	tlyu@mit.edu
Subject:	SVN Commit

Download (untitled) / with headers
text/plain 410B

Explicitly null out xprt->xp_auth when AUTH_GSSAPI is being used, so
that svctcp_destroy() will not call through an uninitialized function
pointer after code in svc_auth_gssapi.c has destroyed expired state
structures. We can't unconditionally null it because the RPCSEC_GSS
implementation needs it to retrieve state.

Commit By: tlyu

Revision: 19042
Changed Files:
_U trunk/
U trunk/src/lib/rpc/svc.c

# Tue Jan 09 14:45:17 2007 tlyu (Taylor Yu) - Tags pullup added

# Tue Jan 09 14:45:17 2007 tlyu (Taylor Yu) - Status changed from 'new' to 'resolved'

# Tue Jan 09 14:45:18 2007 tlyu (Taylor Yu) - Target_Version 1.6 added

# Tue Jan 09 14:45:19 2007 tlyu (Taylor Yu) - Component krb5-libs added

# Tue Jan 09 14:45:20 2007 tlyu (Taylor Yu) - Requestor tlyu (Taylor Yu) added

# Tue Jan 09 15:21:35 2007 tlyu (Taylor Yu) - Version_Fixed 1.6 added

# Tue Jan 09 15:21:36 2007 tlyu (Taylor Yu) - Correspondence added

From:	tlyu@mit.edu
Subject:	SVN Commit

Download (untitled) / with headers
text/plain 692B

pull up r19042 from trunk

r19042@cathode-dark-space: tlyu | 2007-01-09 14:45:10 -0500
ticket: new
target_version: 1.6
tags: pullup
subject: MITKRB5-SA-2006-002: svctcp_destroy() can call uninitialized function pointer
component: krb5-libs

Explicitly null out xprt->xp_auth when AUTH_GSSAPI is being used, so
that svctcp_destroy() will not call through an uninitialized function
pointer after code in svc_auth_gssapi.c has destroyed expired state
structures. We can't unconditionally null it because the RPCSEC_GSS
implementation needs it to retrieve state.

Commit By: tlyu

Revision: 19044
Changed Files:
_U branches/krb5-1-6/
U branches/krb5-1-6/src/lib/rpc/svc.c

# Wed Dec 16 18:02:48 2015 tlyu (Taylor Yu) - CustomField pullup deleted