[3314] in Kerberos-V5-bugs


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

krb5-clients/1062: get_authorized_princ_names closes unitialized FILE pointers

daemon@ATHENA.MIT.EDU (Dan Riley)
Fri Feb 22 14:46:36 2002

Resent-From: gnats@rt-11.mit.edu (GNATS Management)
Resent-To: krb5-unassigned@rt-11.mit.edu
Resent-Reply-To: krb5-bugs@mit.edu, dsr@mail.lns.cornell.edu
Message-Id: <200202221925.OAA0000019631@lnscu6.lns.cornell.edu>
From: Dan Riley <dsr@mail.lns.cornell.edu>
Reply-To: dsr@mail.lns.cornell.edu
To: krb5-bugs@mit.edu
Errors-To: krb5-bugs-admin@mit.edu
Date: Fri, 22 Feb 2002 14:25:28 -0500 (EST)


>Number:         1062
>Category:       krb5-clients
>Synopsis:       ksu get_authorized_princ_names closes unitialized file handles
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    krb5-unassigned
>State:          open
>Class:          sw-bug
>Submitter-Id:   unknown
>Arrival-Date:   Fri Feb 22 14:26:00 EST 2002
>Last-Modified:
>Originator:     Dan Riley
>Organization:
LNS, Cornell U.
>Release:        krb5-1.2.3
>Environment:
System: OSF1 lnscu6.lns.cornell.edu V4.0 1229 alpha
Machine: alpha
>Description:
ksu get_authorized_princ_names/close_time in heuristic.c can, under
some error conditions, try to close file handles that were not
initialized or opened.
>How-To-Repeat:
>Fix:

diff -ur krb5-1.2.3/src/clients/ksu/heuristic.c krb5/clients/ksu/heuristic.c
--- krb5-1.2.3/src/clients/ksu/heuristic.c	Wed Jan  9 17:27:02 2002
+++ krb5/clients/ksu/heuristic.c	Fri Nov 30 13:28:03 2001
@@ -199,7 +199,7 @@
     struct passwd *pwd;
     int k5login_flag =0;
     int k5users_flag =0;
-    FILE * login_fp, * users_fp;
+    FILE * login_fp = 0, * users_fp = 0;
     char **  k5login_list = NULL, ** k5users_list = NULL;
     char ** k5users_filt_list = NULL;
     char ** combined_list = NULL;
@@ -278,8 +278,8 @@
     FILE *login_fp;
 {
 
-    if (!k5users_flag) fclose(users_fp);
-    if (!k5login_flag) fclose(login_fp);
+    if (!k5users_flag && users_fp) fclose(users_fp);
+    if (!k5login_flag && login_fp) fclose(login_fp);
 
 }
 
>Audit-Trail:
>Unformatted:
_______________________________________________
krb5-bugs mailing list
krb5-bugs@mit.edu
http://mailman.mit.edu/mailman/listinfo/krb5-bugs


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[3314] in Kerberos-V5-bugs

krb5-clients/1062: get_authorized_princ_names closes unitialized FILE pointers

daemon@ATHENA.MIT.EDU (Dan Riley)Fri Feb 22 14:46:36 2002

daemon@ATHENA.MIT.EDU (Dan Riley)
Fri Feb 22 14:46:36 2002