[28046] in CVS-changelog-for-Kerberos-V5


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

krb5 commit: Catch more strtol() failures when using KEYRINGs

daemon@ATHENA.MIT.EDU (Greg Hudson)
Tue Nov 12 11:20:30 2013

Date: Tue, 12 Nov 2013 11:20:26 -0500
From: Greg Hudson <ghudson@mit.edu>
Message-Id: <201311121620.rACGKQVN013847@drugstore.mit.edu>
To: cvs-krb5@mit.edu
Reply-To: krbdev@mit.edu
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: cvs-krb5-bounces@mit.edu

https://github.com/krb5/krb5/commit/5ac159e220297a8f62dd5edcec6f9b988b0627ea
commit 5ac159e220297a8f62dd5edcec6f9b988b0627ea
Author: Nalin Dahyabhai <nalin@dahyabhai.net>
Date:   Mon Nov 11 13:10:08 2013 -0500

    Catch more strtol() failures when using KEYRINGs
    
    When parsing what should be a UID while resolving a KEYRING ccache
    name, don't just depend on strtol() to set errno when the residual
    that we pass to it can't be parsed as a number.  In addition to
    checking errno, pass in and check the value of an "endptr".
    
    [ghudson@mit.edu: simplified slightly]
    
    ticket: 7764 (new)
    target_version: 1.12
    tags: pullup

 src/lib/krb5/ccache/cc_keyring.c |    6 +++---
 1 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/src/lib/krb5/ccache/cc_keyring.c b/src/lib/krb5/ccache/cc_keyring.c
index 795ccd6..a07a0dc 100644
--- a/src/lib/krb5/ccache/cc_keyring.c
+++ b/src/lib/krb5/ccache/cc_keyring.c
@@ -593,7 +593,7 @@ get_collection(const char *anchor_name, const char *collection_name,
 {
     krb5_error_code ret;
     key_serial_t persistent_id, anchor_id, possess_id = 0;
-    char *ckname;
+    char *ckname, *cnend;
     long uidnum;
 
     *collection_id_out = 0;
@@ -607,8 +607,8 @@ get_collection(const char *anchor_name, const char *collection_name,
          */
         if (*collection_name != '\0') {
             errno = 0;
-            uidnum = strtol(collection_name, NULL, 10);
-            if (errno)
+            uidnum = strtol(collection_name, &cnend, 10);
+            if (errno || *cnend != '\0')
                 return KRB5_KCC_INVALID_UID;
         } else {
             uidnum = geteuid();
_______________________________________________
cvs-krb5 mailing list
cvs-krb5@mit.edu
https://mailman.mit.edu/mailman/listinfo/cvs-krb5


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[28046] in CVS-changelog-for-Kerberos-V5

krb5 commit: Catch more strtol() failures when using KEYRINGs

daemon@ATHENA.MIT.EDU (Greg Hudson)Tue Nov 12 11:20:30 2013

daemon@ATHENA.MIT.EDU (Greg Hudson)
Tue Nov 12 11:20:30 2013