Date: Mon, 6 Aug 2007 11:44:27 -0700 (PDT)
From: Scott Neugroschl <sconeu@yahoo.com>
Subject: Return value not checked in sname_to_princ
To: krb5-bugs@mit.edu
> Submitter-Id:
> Originator: Scott Neugroschl
> Organization:
> Confidential: No
> Synopsis: Return value not checked in sname_to_princ
> Severity:
> Priority: Low
> Category: krb5-libs
> Class:
> Release: 1.6.2
> Environment: Tandem NonStop Himalaya
> Description:
In sname_to_princ, the return value from krb5_build_principal
is not checked. This can lead to a segfault in the subsequent "call" to
krb5_princ_type. This is related to a bad /etc/hosts file.
> How-To-Repeat: N/A
> Fix: Patch included:
*** ./krb5-1.6.2/src/lib/krb5/os/sn2princ.c Fri Oct 13 12:05:05 2006
--- /users/scottn/krb5-1.6.2/src/lib/krb5/os/sn2princ.c Mon Aug 6 11:33:36 2007
***************
*** 194,199 ****
--- 194,205 ----
realm, sname, remote_host,
(char *)0);
--- /users/scottn/krb5-1.6.2/src/lib/krb5/os/sn2princ.c Mon Aug 6 11:33:36 2007
***************
*** 194,199 ****
--- 194,205 ----
realm, sname, remote_host,
(char *)0);
+ if (retval) {
+ free(remote_host);
+ krb5_xfree(hrealms);
+ return retval;
+ }
+
krb5_princ_type(context, *ret_princ) = type;
+ free(remote_host);
+ krb5_xfree(hrealms);
+ return retval;
+ }
+
krb5_princ_type(context, *ret_princ) = type;
#ifdef DEBUG_REFERRALS
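Review bot: the new error branch ahead of `krb5_princ_type(context, *ret_princ) = type;` carries its own copy of the cleanup (`free(remote_host); krb5_xfree(hrealms);`) and returns early. If the function already releases both after the assignment, guarding the assignment with `if (retval == 0)` and falling through to that existing cleanup would avoid a second exit path that can drift out of sync with the first. The hunk header gives 194,199 becoming 194,205, which is six added lines, so the added block and the file header appear twice in the mail as received and only one copy should be applied. A one-line comment on the check saying that krb5_build_principal can fail and leave `*ret_princ` unusable would also help, since the dereference on the next line is the crash described in the report.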