[16797] in Kerberos-V5-bugs
[krbdev.mit.edu #9035] git commit
daemon@ATHENA.MIT.EDU (Greg Hudson via RT)
Wed Nov 10 14:12:23 2021
From: "Greg Hudson via RT" <rt-comment@krbdev.mit.edu>
In-Reply-To:
Message-ID: <rt-4.4.3-2-4046900-1636571513-1546.9035-4-0@mit.edu>
To: "AdminCc of krbdev.mit.edu Ticket #9035":;
Date: Wed, 10 Nov 2021 14:11:53 -0500
MIME-Version: 1.0
Reply-To: rt-comment@krbdev.mit.edu
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: krb5-bugs-bounces@mit.edu
Wed Nov 10 14:11:53 2021: Request 9035 was acted upon.
Transaction: Ticket created by ghudson@mit.edu
Queue: krb5
Subject: git commit
Owner: ghudson@mit.edu
Requestors:
Status: new
Ticket <URL: https://krbdev.mit.edu/rt/Ticket/Display.html?id=9035 >

Avoid use after free during libkrad cleanup

libkrad client requests contain a list of references to remotes, with
no back-references or reference counts. To prevent accesses to
dangling references during cleanup, cancel all requests on all remotes
before freeing any remotes.

Remove the code for aging out unused servers. This code was fairly
safe as all requests referencing a remote should have completed or
timed out during an hour of disuse, but in the current design we have
no way to guarantee or check that. The set of addresses we send
RADIUS requests to will generally be small, so aging out servers is
unnecessary.

https://github.com/krb5/krb5/commit/ce160f8826bae223876a6527a731c36b6912db15
Author: Greg Hudson <ghudson@mit.edu>
Commit: ce160f8826bae223876a6527a731c36b6912db15
Branch: master
src/lib/krad/client.c | 42 ++++++++++++++----------------------------
src/lib/krad/internal.h | 4 ++++
src/lib/krad/remote.c | 11 ++++++++---
3 files changed, 26 insertions(+), 31 deletions(-)
_______________________________________________
krb5-bugs mailing list
krb5-bugs@mit.edu
https://mailman.mit.edu/mailman/listinfo/krb5-bugs
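
The cleanup ordering described in the commit message above, as an added C model that is not libkrad's code and not part of the original message. The struct and function names, the `alive` flag standing in for `free()`, and the assumption that finishing a request visits every remote in its list are all constructed for illustration.

```c
#include <stdio.h>

/* Constructed model, not libkrad code. "Freeing" a remote only clears a
 * flag, so a dangling access is counted instead of corrupting memory. */
#define NREMOTES 3
struct request;
struct remote { int alive; struct request *queued; };
struct request { struct remote *remotes[NREMOTES]; int done; }; /* borrowed ptrs */
static int dangling;  /* touches of a remote after it was freed */

/* Assumption: finishing a request visits every remote in its list. */
static void request_cancel(struct request *rq)
{
    if (rq == NULL || rq->done)
        return;
    rq->done = 1;
    for (int i = 0; i < NREMOTES; i++) {
        if (!rq->remotes[i]->alive)
            dangling++;                      /* would be a use after free */
        else if (rq->remotes[i]->queued == rq)
            rq->remotes[i]->queued = NULL;
    }
}
static void remote_cancel_all(struct remote *r) { request_cancel(r->queued); }
static void remote_free(struct remote *r) { remote_cancel_all(r); r->alive = 0; }

/* Tear down remotes that share one request; return the dangling touches. */
static int run_cleanup(int cancel_first)
{
    struct remote rs[NREMOTES];
    struct request rq = { .done = 0 };
    for (int i = 0; i < NREMOTES; i++) {
        rs[i] = (struct remote){ .alive = 1, .queued = NULL };
        rq.remotes[i] = &rs[i];
    }
    rs[NREMOTES - 1].queued = &rq;  /* constructed: queued on last remote only */
    dangling = 0;
    for (int i = 0; cancel_first && i < NREMOTES; i++)
        remote_cancel_all(&rs[i]);  /* phase 1: cancel on every remote */
    for (int i = 0; i < NREMOTES; i++)
        remote_free(&rs[i]);        /* then free; frees as it goes if no phase 1 */
    return dangling;
}

int main(void)
{
    printf("free-as-you-go: %d, cancel-first: %d\n", run_cleanup(0), run_cleanup(1));
    return 0;
}
```

In this model, freeing remotes one at a time lets the request queued on the last remote reach back to the two already freed; cancelling on every remote first leaves nothing to reach back.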