[492] in Kerberos-V5-bugs

home help back first fref pref prev next nref lref last post

Howdy, it is me again

daemon@ATHENA.MIT.EDU (georges rahbani)
Thu Jun 2 14:29:31 1994

Date: Thu, 02 Jun 1994 11:29:01 -0700
To: krb5-bugs@MIT.EDU
From: georgesr@wrq.com (georges rahbani)
Cc: Georgesr@elmer.wrq.com

Hi Ted,
    I am in the process of working on krb5_generate_seq_number function. 
There is a section that I don't understand. I think there is a problem 
there, but I am not sure what is the function trying to accomplish in that 
section. Here we go:

Starts at line # 99.

>    memcpy((char *)intmp, (char *)&timenow, sizeof(timenow));
>

This looks reasonable  above

>    while (outseqno < (char *)(seqno+1)) {
>    memset((char *)intmp, 0, esize);

This memset clears the effect of line above (it clears intmp). And in any 
case if there is a second iteration in the loop, it does clear intmp  the 
same as well.
I don't understand why this line is here and what it does.

>
>    if (retval = krb5_encrypt((krb5_pointer)intmp,
>                  (krb5_pointer)outtmp,
>                  sizeof(timenow),
>                  &eblock,
>                  0)) {
>        (void) krb5_finish_key(&eblock);
>        goto cleanup;
>    }
>    memcpy(outseqno, (char *)outtmp, MIN((char *)(seqno+1)-outseqno,
>                         esize));
>    outseqno += MIN((char *)(seqno+1)-outseqno, esize);

For some reason, I think that this line will automatically cause outseqno to 
be equal to (seqno + 1) which in effect causes the loop to exit at the next 
iteration. In other words, the loop seems to be done only once. I don't 
understand what is going on here.

>    /* chain along */
>    memcpy((char *)intmp,(char *)outtmp,esize);

Again here copying outtmp to intmp is fine, but if the loop does a second 
iteration, intmp will be cleared and this line will have no effect. If my 
assumption is correct about the number of iterations that this loop does 
(which is one) Then there is no reason for this line here. Is there? Also 
there is no reason for the loop itself? What am I missing?

>    }
>

I am stuck in this function, I think I will look at krb5_sendauth next until 
I hear from you.

Thank you for your help and replies.
regards


Georges Rahbani
Walker, Richer & Quinn, Inc.
georgesr@wrq.com
home help back first fref pref prev next nref lref last post