[11686] in Kerberos-V5-bugs
[krbdev.mit.edu #6777] Segmentation fault in krb library (sn2princ.c)
daemon@ATHENA.MIT.EDU (Greg Hudson via RT)
Tue Sep 14 18:07:32 2010
Mail-followup-to: rt@krbdev.mit.edu
mail-copies-to: never
From: "Greg Hudson via RT" <rt-comment@krbdev.MIT.EDU>
In-Reply-To: <rt-6777@krbdev.mit.edu>
Message-ID: <rt-6777-33141.1.78914374253218@krbdev.mit.edu>
To: "'AdminCc of krbdev.mit.edu Ticket #6777'":;"'AdminCc of krbdev.mit.edu Ticket #6777'":;@MIT.EDU
Date: Tue, 14 Sep 2010 18:07:29 -0400 (EDT)
Reply-To: rt-comment@krbdev.MIT.EDU
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: krb5-bugs-bounces@mit.edu
[Richard.Krier@globalfoundries.com - Tue Sep 14 15:10:55 2010]:
> 2. If realm unresolved, krb5_get_host_realm() returns a
> zero-length string, i.e. 1 byte containing just '\0'
This is not actually an error condition. The empty string is returned
here to indicate that the caller should try referrals. So step 3 is
actually correct.
> 3. sname_to_princ() then calls krb5_build_principal(),
> principal not created in this case, *ret_princ is NULL
> ALSO HERE: No check is made to determine if *ret_princ is NULL
> before using it to make an assignment as point 4.
Failing to check retval here is a bug, and we'll fix it. However,
krb5_build_principal() should succeed in the scenario you described; I
would be interested to know why it is failing in your use case.
_______________________________________________
krb5-bugs mailing list
krb5-bugs@mit.edu
https://mailman.mit.edu/mailman/listinfo/krb5-bugs
