[31015] in CVS-changelog-for-Kerberos-V5

home help back first fref pref prev next nref lref last post

krb5 commit: Using locking in MEMORY krb5_cc_get_principal()

daemon@ATHENA.MIT.EDU (Greg Hudson)
Mon Jun 28 16:44:49 2021

Date: Mon, 28 Jun 2021 16:44:29 -0400
From: Greg Hudson <ghudson@mit.edu>
Message-ID: <202106282044.15SKiTmt024811@drugstore.mit.edu>
To: <cvs-krb5@mit.edu>
MIME-Version: 1.0
Reply-To: krbdev@mit.edu
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: cvs-krb5-bounces@mit.edu

https://github.com/krb5/krb5/commit/1848447291c68e21311f441b0458ae53471d00d3
commit 1848447291c68e21311f441b0458ae53471d00d3
Author: Greg Hudson <ghudson@mit.edu>
Date:   Sun Jun 20 19:24:07 2021 -0400

    Using locking in MEMORY krb5_cc_get_principal()
    
    Without locking, the principal pointer could be freed out from under
    krb5_copy_principal() by another thread calling krb5_cc_initialize()
    or krb5_cc_destroy().
    
    ticket: 9014 (new)
    tags: pullup
    target_version: 1.19-next
    target_version: 1.18-next

 src/lib/krb5/ccache/cc_memory.c |   17 +++++++++++------
 1 files changed, 11 insertions(+), 6 deletions(-)

diff --git a/src/lib/krb5/ccache/cc_memory.c b/src/lib/krb5/ccache/cc_memory.c
index 529ada5..0897d6b 100644
--- a/src/lib/krb5/ccache/cc_memory.c
+++ b/src/lib/krb5/ccache/cc_memory.c
@@ -578,12 +578,17 @@ krb5_mcc_get_name (krb5_context context, krb5_ccache id)
 krb5_error_code KRB5_CALLCONV
 krb5_mcc_get_principal(krb5_context context, krb5_ccache id, krb5_principal *princ)
 {
-    krb5_mcc_data *ptr = (krb5_mcc_data *)id->data;
-    if (!ptr->prin) {
-        *princ = 0L;
-        return KRB5_FCC_NOFILE;
-    }
-    return krb5_copy_principal(context, ptr->prin, princ);
+    krb5_error_code ret;
+    krb5_mcc_data *d = id->data;
+
+    *princ = NULL;
+    k5_cc_mutex_lock(context, &d->lock);
+    if (d->prin == NULL)
+        ret = KRB5_FCC_NOFILE;
+    else
+        ret = krb5_copy_principal(context, d->prin, princ);
+    k5_cc_mutex_unlock(context, &d->lock);
+    return ret;
 }
 
 krb5_error_code KRB5_CALLCONV
_______________________________________________
cvs-krb5 mailing list
cvs-krb5@mit.edu
https://mailman.mit.edu/mailman/listinfo/cvs-krb5
home help back first fref pref prev next nref lref last post