[114] in Kerberos-V5-bugs
bug in princ_comp.c
daemon@ATHENA.MIT.EDU (daemon@ATHENA.MIT.EDU)
Mon Mar 25 14:49:23 1991
Date: Mon, 25 Mar 91 14:26:09 EST
From: Bill Sommerfeld <sommerfeld@apollo.com>
To: krb5-bugs@ATHENA.MIT.EDU
From alpha 3:
Look closely at the inner loop of krb5_principal_compare:
    for (p1 = princ1, p2 = princ2; *p1 && *p2; p1++, p2++)
        if (strncmp((*p1)->data, (*p2)->data, min((*p1)->length,
                                                   (*p2)->length)))
            return FALSE;
    if (*p1 || *p2)             /* didn't both run out at once */
        return FALSE;
It appears as if this will say that "krb/foo@athena.mit.edu.hp.com" is
the same as "krbtgt/foobar@athena.mit.edu".
This is, umm, bad.
I think it wants to be:
    for (p1 = princ1, p2 = princ2; *p1 && *p2; p1++, p2++)
        if (((*p1)->length != (*p2)->length) ||
            (strncmp((*p1)->data, (*p2)->data, (*p1)->length)))
            return FALSE;
(fix is untested).
- Bill
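
The two loops from the report above, run side by side on the two principal names it mentions. This is an added example, not part of the original message or the Kerberos source; `struct comp`, the `princ` typedef, the function names, and the split of each name into realm-first components are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical stand-in for the length/data components the loops walk. */
struct comp { size_t length; const char *data; };
typedef const struct comp *const *princ;      /* NULL-terminated array */
#define MIN(a, b) ((a) < (b) ? (a) : (b))

/* Loop as quoted in the report: compares only the shorter length. */
static int compare_prefix(princ princ1, princ princ2)
{
    princ p1, p2;
    for (p1 = princ1, p2 = princ2; *p1 && *p2; p1++, p2++)
        if (strncmp((*p1)->data, (*p2)->data,
                    MIN((*p1)->length, (*p2)->length)))
            return 0;
    return !(*p1 || *p2);       /* both lists must end together */
}

/* Loop with the length check proposed in the report. */
static int compare_exact(princ princ1, princ princ2)
{
    princ p1, p2;
    for (p1 = princ1, p2 = princ2; *p1 && *p2; p1++, p2++)
        if ((*p1)->length != (*p2)->length ||
            strncmp((*p1)->data, (*p2)->data, (*p1)->length))
            return 0;
    return !(*p1 || *p2);
}

/* Constructed sample data: realm first, then name components (assumed layout). */
#define C(s) { sizeof(s) - 1, s }
static const struct comp a0 = C("athena.mit.edu.hp.com"), a1 = C("krb"), a2 = C("foo");
static const struct comp b0 = C("athena.mit.edu"), b1 = C("krbtgt"), b2 = C("foobar");
static const struct comp *const princ_a[] = { &a0, &a1, &a2, NULL };
static const struct comp *const princ_b[] = { &b0, &b1, &b2, NULL };

int main(void)
{
    printf("prefix compare: %d\n", compare_prefix(princ_a, princ_b));
    printf("exact compare:  %d\n", compare_exact(princ_a, princ_b));
    return 0;
}
```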