[29979] in CVS-changelog-for-Kerberos-V5
krb5 commit [krb5-1.14]: Allow null outputs to
daemon@ATHENA.MIT.EDU (Greg Hudson)
Mon Jul 17 22:41:23 2017
Date: Mon, 17 Jul 2017 22:41:18 -0400
From: Greg Hudson <ghudson@mit.edu>
Message-Id: <201707180241.v6I2fIg0002877@drugstore.mit.edu>
To: cvs-krb5@mit.edu
Reply-To: krbdev@mit.edu
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: cvs-krb5-bounces@mit.edu
https://github.com/krb5/krb5/commit/6f62a483d54bbd54d6e0d87148cf565590cdc9e0
commit 6f62a483d54bbd54d6e0d87148cf565590cdc9e0
Author: Isaac Boukris <iboukris@gmail.com>
Date: Sat Mar 4 21:23:32 2017 +0200
Allow null outputs to gss_get_name_attribute()
In krb5_gss_get_name_attribute(), always ask for kvalue and
kdisplay_value when calling krb5_authdata_get_attribute(), as it
currently expect non-null arguments. This change allows applications
to pass GSS_C_NO_BUFFER for the value and display_value output
parameters. (Passing NULL for the authenticated and complete output
parameters already works.)
[ghudson@mit.edu: initialized kvalue and kdisplay_value for safety]
(cherry picked from commit 0cff20bd02c7e9b0bc88c425b58fa2d379da51b3)
ticket: 8557
version_fixed: 1.14.6
src/lib/gssapi/krb5/naming_exts.c | 19 +++++++++----------
1 files changed, 9 insertions(+), 10 deletions(-)
diff --git a/src/lib/gssapi/krb5/naming_exts.c b/src/lib/gssapi/krb5/naming_exts.c
index 6062a6d..0edb4b8 100644
--- a/src/lib/gssapi/krb5/naming_exts.c
+++ b/src/lib/gssapi/krb5/naming_exts.c
@@ -319,8 +319,8 @@ krb5_gss_get_name_attribute(OM_uint32 *minor_status,
krb5_data kattr;
krb5_boolean kauthenticated;
krb5_boolean kcomplete;
- krb5_data kvalue;
- krb5_data kdisplay_value;
+ krb5_data kvalue = empty_data();
+ krb5_data kdisplay_value = empty_data();
if (minor_status != NULL)
*minor_status = 0;
@@ -355,8 +355,8 @@ krb5_gss_get_name_attribute(OM_uint32 *minor_status,
&kattr,
&kauthenticated,
&kcomplete,
- value ? &kvalue : NULL,
- display_value ? &kdisplay_value : NULL,
+ &kvalue,
+ &kdisplay_value,
more);
if (code == 0) {
if (value != NULL)
@@ -367,14 +367,13 @@ krb5_gss_get_name_attribute(OM_uint32 *minor_status,
if (complete != NULL)
*complete = kcomplete;
- if (display_value != NULL) {
- if (code == 0)
- code = data_to_gss(&kdisplay_value, display_value);
- else
- free(kdisplay_value.data);
- }
+ if (display_value != NULL && code == 0)
+ code = data_to_gss(&kdisplay_value, display_value);
}
+ free(kdisplay_value.data);
+ free(kvalue.data);
+
k5_mutex_unlock(&kname->lock);
krb5_free_context(context);
_______________________________________________
cvs-krb5 mailing list
cvs-krb5@mit.edu
https://mailman.mit.edu/mailman/listinfo/cvs-krb5
