[33060] in Kerberos
Re: Clearing credentials question
daemon@ATHENA.MIT.EDU (Russ Allbery)
Thu Jan 6 22:20:35 2011
From: Russ Allbery <rra@stanford.edu>
To: kerberos@mit.edu
In-Reply-To: <ig5u6h$r1l$1@dough.gmane.org> (Markus Moeller's message of "Fri,
7 Jan 2011 02:35:55 -0000")
Date: Thu, 06 Jan 2011 19:20:28 -0800
Message-ID: <87bp3tv1qb.fsf@windlord.stanford.edu>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: kerberos-bounces@mit.edu
"Markus Moeller" <huaraz@moeller.plus.com> writes:
> "Greg Hudson" <ghudson@MIT.EDU> wrote:
>>> int main() {
>> [...]
>>> krb5_creds creds;
>> [...]
>>> code = krb5_parse_name(context, cclient, &creds.client);
>>> code = krb5_parse_name(context, cserver, &creds.server);
>> [...]
>>> krb5_free_cred_contents(context, &creds);
>> You declared creds as an automatic variable and didn't initialize it, so
>> all of its fields except for client and server contain stack garbage at
>> the time of the krb5_free_cred_contents call.
> I get the same error if I set
> creds.keyblock.contents = NULL;
> before cleaning the content.
memset(&creds, 0, sizeof(creds));
You need to zero the whole thing, not just a few fields, to be sure that
you've caught any stray fields that may make the library think that
there's allocated data to clear.
--
Russ Allbery (rra@stanford.edu) <http://www.eyrie.org/~eagle/>
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
