[58] in Kerberos-V5-bugs
alpha2 request asn.1 problem
daemon@ATHENA.MIT.EDU (Mark Stein)
Tue Nov 6 20:50:12 1990
Date: Tue, 6 Nov 90 17:47:40 PST
From: marks@Eng.Sun.COM (Mark Stein)
To: krb5-testers@ATHENA.MIT.EDU
Cc: marks@Eng.Sun.COM
Before I spend too much time tracking this down, I'll ask if anyone
has seen the following problem. All code is alpha2.
When using kinit to obtain a TGT, krb5kdc core dumps with a SIGSEGV
in some asn.1 free_translation code. Specifically:
decode_krb5_tgs_req()
krb5_decode_generic()
translator: KRB5_TGS__REQ2krb5_kdc_req()
KRB5_KDC__REQ__BODY2krb5_kdc_req()
val->additional__tickets->nelem = 11
val->additional__tickets->Ticket[0-4] = NULL
val->additional__tickets->Ticket[5] = 0x38
# The for loop drops out before the first iteration because
# Ticket[0] is NULL
free_translation: free_KRB5_TGS__REQ()
free_KRB5_KDC__REQ__BODY()
parm->additional__tickets->nelem = 11
# other values as above
free_KRB5_Ticket() for Ticket[5]
# SIGSEGV at reference of parm->realm because parm is not
# a valid pointer
I haven't looked at the kinit side yet to see if there is bum data being
sent. Any comments?
Thanks.
--Mark
