[1548] in Kerberos-V5-bugs


krb_rd_req() return code bug

daemon@ATHENA.MIT.EDU (Bryce Denney)
Mon Jul 17 13:39:47 1995

From: Bryce Denney <bdenney@physics.oberlin.edu>
To: krb5-bugs@MIT.EDU
Date: Mon, 17 Jul 1995 13:43:17 -0400 (EDT)

(In this message I am referring to Athena Kerberos V5, patchlevel 8.
I'm not sure which beta it is, but it's sitting in /pub/kerberos on 
your ftp site right now.)

After trying to track down a seg fault in that sample server program,
I found the following problem.  krb_rd_req() is supposed to return
valid Kerberos error codes:  RD_AP_OK, RD_AP_VERSION, RD_AP_MSG_TYPE, etc.
However, it calls krb_set_key(), which in turn calls des_key_sched().  If 
this DES function fails, it returns -1 or -2, which is passed all
the way back to the application.

Okay, so a negative error code was returned, and what might the server do 
with it?  syslog(..., krb_err_txt[-2]) --> crash.

Either there should be a new error code RD_AP_BADKEY or the DES functions 
should return a real Kerberos error, or Kerberized servers are in danger 
of crashing.

Bryce Denney
<bdenney@physics.oberlin.edu>
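The crash the report describes comes from indexing an error-text table with a raw return code. The following is an added example (not code from the report, nor from the Kerberos sources) showing the unguarded lookup beside a bounds-checked one; the table contents, its name `err_txt`, and the numeric values are constructed placeholders standing in for `krb_err_txt[]` and the `RD_AP_*` codes, and `-1`/`-2` model the `des_key_sched()` failure values mentioned above.

```c
/* Added example, not from the original report or the Kerberos sources.
 * Shows why err_txt[code] with a negative code such as -2 reads outside the
 * array, and how a server can guard the lookup until the library returns
 * only valid Kerberos error codes. */
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Constructed placeholder table standing in for krb_err_txt[]. */
static const char *const err_txt[] = {
    "ok",                      /* 0: placeholder for RD_AP_OK */
    "wrong protocol version",  /* 1: placeholder for RD_AP_VERSION */
    "wrong message type",      /* 2: placeholder for RD_AP_MSG_TYPE */
};
#define ERR_TXT_COUNT (sizeof err_txt / sizeof err_txt[0])

/* Unsafe pattern from the report: the return code is used directly as an
 * index, so a negative or oversized value reads outside the array
 * (undefined behaviour, typically a segmentation fault). Never call this
 * with an unchecked code; it is here only to contrast with the guarded form. */
const char *unsafe_err_text(int code) {
    return err_txt[code];
}

/* Returns nonzero if the code is one the table may be indexed with. */
int is_valid_err_code(int code) {
    return code >= 0 && (size_t)code < ERR_TXT_COUNT;
}

/* Defensive lookup: anything outside [0, ERR_TXT_COUNT) gets a fixed
 * fallback string instead of an out-of-bounds read. */
const char *safe_err_text(int code) {
    if (!is_valid_err_code(code))
        return "unknown Kerberos error code";
    return err_txt[code];
}

int main(void) {
    /* Constructed sample codes: 0 and 2 are in range; -1 and -2 model the
     * des_key_sched() failures passed back through krb_rd_req(); 99 is simply
     * beyond the table. */
    int codes[] = { 0, 2, -1, -2, 99 };
    for (size_t i = 0; i < sizeof codes / sizeof codes[0]; i++)
        printf("code %3d -> %s\n", codes[i], safe_err_text(codes[i]));
    return 0;
}
```

A server that logs with `syslog(..., safe_err_text(rc))` stays up even when the library hands back a code outside the documented set; the proper fix remains in the library, as the report says, but the guard keeps an unexpected return value from becoming a crash.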

