[31923] in Kerberos
krb 1.6.x null pointer deref in krb5_get_init_creds_password
daemon@ATHENA.MIT.EDU (Bert Barbe)
Fri Jan 15 12:56:50 2010
Message-ID: <4B50AC08.1050106@oracle.com>
Date: Fri, 15 Jan 2010 18:55:20 +0100
From: Bert Barbe <bert.barbe@oracle.com>
MIME-Version: 1.0
To: kerberos@mit.edu
Content-Type: text/plain; charset="utf-8"
Errors-To: kerberos-bounces@mit.edu
Content-Transfer-Encoding: 8bit
Hi all,
In function krb5_get_init_creds_password there is the following test:
/* historically the default has been to prompt for password change. * if the change password prompt option has not been set, we continue * to prompt. Prompting is only disabled if the option has been set * and the value has been set to false. */ if (!(options->flags & KRB5_GET_INIT_CREDS_OPT_CHG_PWD_PRMPT)) goto cleanup;
We experienced a segmentation fault in this function (from openldap's slapd) , which after investigation appearedto be because options is NULL in the above test. The obvious fix would be to test for a NULL value of options.
This happened in krb 1.6.1 but I verified the same test is also present in 1.6.4-beta1.
Kind regards;Bert Barbé
-- Oracle <http://www.oracle.com>Bert Barbé | Principal Software DeveloperPhone: +16506077447 | Mobile: +32496575949Oracle Open Source DevelopmentORACLE Belgium BVBAOndernemingsnummer BTW BE 0440.966.354 RPR BrusselGreen Oracle <http://www.oracle.com/commitment> Oracle is committed to developing practices and products that help protect the environment________________________________________________Kerberos mailing list Kerberos@mit.eduhttps://mailman.mit.edu/mailman/listinfo/kerberos
