[28559] in Kerberos

home help back first fref pref prev next nref lref last post

Re: Bug in krb5_keyblock_data function on Solaris 10/Opensolaris

daemon@ATHENA.MIT.EDU (Ken Raeburn)
Mon Oct 15 18:23:33 2007

In-Reply-To: <ff0n0d$jn1$1@ger.gmane.org>
Mime-Version: 1.0 (Apple Message framework v752.2)
Message-Id: <9D0FC69F-E4CE-4B90-ADA2-10C1DB400571@mit.edu>
From: Ken Raeburn <raeburn@mit.edu>
Date: Mon, 15 Oct 2007 18:23:19 -0400
To: Markus Moeller <huaraz@moeller.plus.com>
Cc: kerberos@mit.edu
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: kerberos-bounces@mit.edu

On Oct 15, 2007, at 17:44, Markus Moeller wrote:
> If other people come across this issue(noticable when  
> krb5_get_credentials
> is used in cross-realm situations) it had been identified in  
> Opensolaris
> snv_57 (http://bugs.opensolaris.org/view_bug.do?bug_id=6565115) but  
> still
> hasn't been fixed in source
> http://cvs.opensolaris.org/source/xref/onnv/onnv-gate/usr/src/uts/ 
> common/gssapi/mechs/krb5/krb5/krb/copy_key.c

Your suggested fix is to have krb5_copy_keyblock_data allocate the  
new storage, but the comment documenting the function says it assumes  
it's already been allocated, and the body of krb5_copy_keyblock  
further down does allocate the new storage before calling  
krb5_copy_keyblock.  So if I'm following this right, you'd be adding  
a memory leak to krb5_copy_keyblock, wouldn't you?


________________________________________________
Kerberos mailing list           Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos

home help back first fref pref prev next nref lref last post