To: | krb5-bugs@mit.edu |
Subject: | mutex locking issues in memory ccaches |
Date: | Fri, 29 Feb 2008 15:36:20 -0500 |
From: | Roland Dowdeswell <elric@imrryr.org> |
There are two mutex locking issues that I've noticed in the memory
ccache. The first one is in cc_memory.c:krb5_mcc_initialize(). When
it is free(3)ing the existing credentials it does not lock the data
structures and hence two separate threads can run into issues.
I attach a proposed patch for this issue.
I think though, that krb5_mcc_destroy() will also have the same issue
but I haven't provided a patch.
Thanks,
--
Roland C. Dowdeswell
Index: cc_memory.c
===================================================================
RCS file: /ms/dev/kerberos/mitkrb5/cvs-dirs/mitkrb5-1.4/mitkrb5/src/lib/krb5/ccache/cc_memory.c,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -u -r1.2 -r1.3
--- cc_memory.c 29 Feb 2008 20:23:23 -0000 1.2
+++ cc_memory.c 29 Feb 2008 20:24:30 -0000 1.3
@@ -118,10 +118,18 @@
krb5_mcc_initialize(krb5_context context, krb5_ccache id, krb5_principal princ)
{
krb5_error_code ret;
+ krb5_error_code err;
+ krb5_mcc_data *d;
+
+ d = id->data;
+ err = k5_mutex_lock(&d->lock);
+ if (err)
+ return err;
krb5_mcc_free(context, id);
ret = krb5_copy_principal(context, princ,
&((krb5_mcc_data *)id->data)->prin);
+ k5_mutex_unlock(&d->lock);
if (ret == KRB5_OK)
krb5_change_cache();
return ret;
ccache. The first one is in cc_memory.c:krb5_mcc_initialize(). When
it is free(3)ing the existing credentials it does not lock the data
structures and hence two separate threads can run into issues.
I attach a proposed patch for this issue.
I think though, that krb5_mcc_destroy() will also have the same issue
but I haven't provided a patch.
Thanks,
--
Roland C. Dowdeswell
Index: cc_memory.c
===================================================================
RCS file: /ms/dev/kerberos/mitkrb5/cvs-dirs/mitkrb5-1.4/mitkrb5/src/lib/krb5/ccache/cc_memory.c,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -u -r1.2 -r1.3
--- cc_memory.c 29 Feb 2008 20:23:23 -0000 1.2
+++ cc_memory.c 29 Feb 2008 20:24:30 -0000 1.3
@@ -118,10 +118,18 @@
krb5_mcc_initialize(krb5_context context, krb5_ccache id, krb5_principal princ)
{
krb5_error_code ret;
+ krb5_error_code err;
+ krb5_mcc_data *d;
+
+ d = id->data;
+ err = k5_mutex_lock(&d->lock);
+ if (err)
+ return err;
krb5_mcc_free(context, id);
ret = krb5_copy_principal(context, princ,
&((krb5_mcc_data *)id->data)->prin);
+ k5_mutex_unlock(&d->lock);
if (ret == KRB5_OK)
krb5_change_cache();
return ret;