[1153] in Kerberos-V5-bugs
krb5b4pl3: appl/bsd/kcmd.c shouldn't replace *ahost with host_save
daemon@ATHENA.MIT.EDU (Jonathan I. Kamens)
Tue Mar 14 10:40:13 1995
From: "Jonathan I. Kamens" <jik@cam.ov.com>
Date: Tue, 14 Mar 1995 10:43:22 -0500
To: krb5-bugs@MIT.EDU
kcmd() shouldn't replace the caller's host-name argument with the host
name canonicalized and allocated inside kcmd(), because when kcmd()
fails, it frees host_save. As a result, the caller dereferences a
freed pointer when it tries to print an error message about the
failure.
--- appl/bsd/kcmd.c 1995/03/09 19:50:00 1.2
+++ appl/bsd/kcmd.c 1995/03/09 19:54:35 1.3
@@ -159,8 +159,6 @@
strcpy(host_save, hp->h_name);
- *ahost = host_save;
-
/* If no service is given set to the default service */
if (!service) service = default_service;
