[31480] in CVS-changelog-for-Kerberos-V5
krb5 commit: Ensure defined behavior in k5_kt_have_match()
daemon@ATHENA.MIT.EDU (ghudson@mit.edu)
Wed Oct 15 11:01:05 2025
From: ghudson@mit.edu
To: cvs-krb5@mit.edu
Message-Id: <20251015150053.BC4E0104173@krbdev.mit.edu>
Date: Wed, 15 Oct 2025 11:00:53 -0400 (EDT)
MIME-Version: 1.0
Reply-To: krbdev@mit.edu
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: cvs-krb5-bounces@mit.edu
https://github.com/krb5/krb5/commit/4e5d98464e83fd90faa55c2e11bec813a28c89ee
commit 4e5d98464e83fd90faa55c2e11bec813a28c89ee
Author: Greg Hudson <ghudson@mit.edu>
Date: Sun Oct 12 14:03:06 2025 -0400
Ensure defined behavior in k5_kt_have_match()
match_entries() in ktfns.c admits uninitialized use of match if the
loop runs for zero iterations (the keytab is valid but contains no
entries). Initialize match to false to properly handle this case.
Fixes a -Werror compilation failure on macOS 10.6.8 reported by Sergey
Fedorov.
src/lib/krb5/keytab/ktfns.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/lib/krb5/keytab/ktfns.c b/src/lib/krb5/keytab/ktfns.c
index d6658b35f..f3945f9da 100644
--- a/src/lib/krb5/keytab/ktfns.c
+++ b/src/lib/krb5/keytab/ktfns.c
@@ -138,7 +138,7 @@ match_entries(krb5_context context, krb5_keytab keytab,
krb5_error_code ret;
krb5_keytab_entry ent;
krb5_kt_cursor cursor;
- krb5_boolean match;
+ krb5_boolean match = FALSE;
/* Scan the keytab for host-based entries matching accprinc. */
ret = krb5_kt_start_seq_get(context, keytab, &cursor);
_______________________________________________
cvs-krb5 mailing list
cvs-krb5@mit.edu
https://mailman.mit.edu/mailman/listinfo/cvs-krb5
