Ticket History #6600: gss_inquire_context cannot handle no target name from mechanism

# Tue Dec 22 18:19:52 2009 "Arlene Berry" <aberry@likewise.com> - Ticket created

Subject:	gss_inquire_context cannot handle no target name from mechanism
Date:	Tue, 22 Dec 2009 18:13:23 -0500
From:	"Arlene Berry" <aberry@likewise.com>
To:	<krb5-bugs@mit.edu>

Download (untitled) / with headers
text/plain 854B

Download (untitled) / with headers
text/html 4.8KiB

According to RFC 2744 it is possible for gss_inquire_context to return GSS_C_NO_NAME for the target name but if a mechanism actually does it the mechglue layer segfaults. This fixes it:

Index: g_inq_context.c

===================================================================

--- g_inq_context.c (revision 23482)

+++ g_inq_context.c (working copy)

@@ -140,7 +140,8 @@

}

- if (targ_name) {

+ if (targ_name ) {

+ if (localTargName) {

status = gssint_convert_name_to_union_name(minor_status, mech,

localTargName, targ_name);

@@ -150,6 +151,10 @@

return (status);

}

+ }

+ else {

+ *targ_name = GSS_C_NO_NAME;

+ }

}

/* spec says mech type must point to static storage */

# Thu Feb 04 22:25:50 2010 tlyu (Taylor Yu) - Given to tlyu (Taylor Yu)

# Thu Feb 04 22:25:50 2010 tlyu (Taylor Yu) - Target_Version 1.8 added

# Thu Feb 04 22:25:50 2010 tlyu (Taylor Yu) - Status changed from 'new' to 'review'

# Thu Feb 04 22:25:50 2010 tlyu (Taylor Yu) - Tags pullup added

# Thu Feb 04 22:25:50 2010 tlyu (Taylor Yu) - Correspondence added

From:	tlyu@mit.edu
Subject:	SVN Commit

Download (untitled) / with headers
text/plain 297B

Apply patch from Arlene Berry to avoid segfault if a mech
gss_inquire_context returns GSS_C_NO_NAME for the target name.

https://github.com/krb5/krb5/commit/bebdddf413bc4edbe6a738f6f01aa3428d2e8381
Commit By: tlyu
Revision: 23696
Changed Files:
U trunk/src/lib/gssapi/mechglue/g_inq_context.c

# Mon Feb 08 15:55:40 2010 tlyu (Taylor Yu) - Status changed from 'review' to 'resolved'

# Mon Feb 08 15:55:40 2010 tlyu (Taylor Yu) - Version_Fixed 1.8 added

# Mon Feb 08 15:55:40 2010 tlyu (Taylor Yu) - Correspondence added

From:	tlyu@mit.edu
Subject:	SVN Commit

Download (untitled) / with headers
text/plain 535B

pull up r23696 from trunk

------------------------------------------------------------------------
r23696 | tlyu | 2010-02-04 22:25:49 -0500 (Thu, 04 Feb 2010) | 7 lines

ticket: 6600
tags: pullup
target_version: 1.8

Apply patch from Arlene Berry to avoid segfault if a mech
gss_inquire_context returns GSS_C_NO_NAME for the target name.

https://github.com/krb5/krb5/commit/8cee1ab9882f05474e74cd1a811ab218a8a0442b
Commit By: tlyu
Revision: 23707
Changed Files:
U branches/krb5-1-8/src/lib/gssapi/mechglue/g_inq_context.c

# Wed Dec 16 18:02:54 2015 tlyu (Taylor Yu) - CustomField pullup deleted