[1443] in Kerberos-V5-bugs
Kerberos 5-B4-pl3 bug report (lib/krb5/ccache/file/fcc_init.c)
daemon@ATHENA.MIT.EDU (Craig Leres)
Fri Jun 2 23:48:11 1995
To: krb5-bugs@MIT.EDU
Cc: hobbit@asylum.sf.ca.us, mike@fionn.lbl.gov (Michael Helm)
Date: Fri, 02 Jun 95 20:47:57 PDT
From: Craig Leres <leres@ee.lbl.gov>
If you are using file credentials and /tmp is on a full filesystem,
kinit silently generates an empty credentials. The problem is that
krb5_fcc_initialize() fails to check the return status from
krb5_fcc_store_principal(). I checked and beta5 also has this problem.
Context diffs appended.
Craig
------
*** kerberosV.virgin/src/lib/krb5/ccache/file/fcc_init.c Thu Sep 22 18:30:15 1994
--- kerberosV/src/lib/krb5/ccache/file/fcc_init.c Fri Jun 2 15:59:29 1995
***************
*** 45,51 ****
krb5_ccache id;
krb5_principal princ;
{
! int ret = KRB5_OK;
MAYBE_OPEN(id, FCC_OPEN_AND_ERASE);
--- 45,52 ----
krb5_ccache id;
krb5_principal princ;
{
! krb5_error_code status = KRB5_OK;
! int ret;
MAYBE_OPEN(id, FCC_OPEN_AND_ERASE);
***************
*** 55,68 ****
ret = fchmod(((krb5_fcc_data *) id->data)->fd, S_IREAD | S_IWRITE);
#endif
if (ret == -1) {
! ret = krb5_fcc_interpret(errno);
! MAYBE_CLOSE(id, ret);
! return ret;
}
! krb5_fcc_store_principal(id, princ);
! MAYBE_CLOSE(id, ret);
! return ret;
}
--- 56,71 ----
ret = fchmod(((krb5_fcc_data *) id->data)->fd, S_IREAD | S_IWRITE);
#endif
if (ret == -1) {
! status = krb5_fcc_interpret(errno);
! MAYBE_CLOSE(id, status);
! return status;
}
! status = krb5_fcc_store_principal(id, princ);
! if (status != 0)
! MAYBE_CLOSE(id, status);
! MAYBE_CLOSE(id, status);
! return status;
}
