[28413] in CVS-changelog-for-Kerberos-V5
krb5 commit [krb5-1.12]: Fix returning KDB_NOENTRY in
daemon@ATHENA.MIT.EDU (Tom Yu)
Thu Jun 26 17:41:10 2014
Date: Thu, 26 Jun 2014 17:40:55 -0400
From: Tom Yu <tlyu@mit.edu>
Message-Id: <201406262140.s5QLet3F023683@drugstore.mit.edu>
To: cvs-krb5@mit.edu
Reply-To: krbdev@mit.edu
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: cvs-krb5-bounces@mit.edu
https://github.com/krb5/krb5/commit/b6aedcc5c31a19c071e6fec0bb9119f177d142d1
commit b6aedcc5c31a19c071e6fec0bb9119f177d142d1
Author: Nalin Dahyabhai <nalin@dahyabhai.net>
Date: Thu Feb 20 16:01:49 2014 -0500
Fix returning KDB_NOENTRY in find_alternate_tgs()
After searching for a cross-realm TGS entry to provide to a client as a
referral, if we're all set to return a success code but aren't actually
returning an entry, we should be returning an error. We might not do so
because we don't compare the right value against NULL.
This corrects an error in a redundant check in the patch for
CVE-2013-1417. The error in the check cannot occur in practice
because the other part of the patch for CVE-2013-1417 prevents it, but
static analyzers can flag the erroneous check.
[tlyu@mit.edu: edit commit message]
(cherry picked from commit 90cbf4eb60d8ec3c083195ba4a050a31ea36be0b)
ticket: 7881
version_fixed: 1.12.2
status: resolved
src/kdc/do_tgs_req.c | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/src/kdc/do_tgs_req.c b/src/kdc/do_tgs_req.c
index 6bc4f15..d81b2b4 100644
--- a/src/kdc/do_tgs_req.c
+++ b/src/kdc/do_tgs_req.c
@@ -1117,7 +1117,7 @@ find_alternate_tgs(kdc_realm_t *kdc_active_realm, krb5_principal princ,
goto cleanup;
}
cleanup:
- if (retval == 0 && server_ptr == NULL)
+ if (retval == 0 && *server_ptr == NULL)
retval = KRB5_KDB_NOENTRY;
if (retval != 0)
*status = "UNKNOWN_SERVER";
_______________________________________________
cvs-krb5 mailing list
cvs-krb5@mit.edu
https://mailman.mit.edu/mailman/listinfo/cvs-krb5
