[1171] in Kerberos_V5_Development
key data version as array index
daemon@ATHENA.MIT.EDU (Barry Jaspan)
Tue May 14 17:00:12 1996
Date: Tue, 14 May 96 17:00:59 -0400
From: "Barry Jaspan" <bjaspan@MIT.EDU>
To: krbdev@MIT.EDU
I've seen code like this in a few places in libkdb:
for (i = 0; i < key_data->key_data_ver; i++)
if (key_data->key_data_contents[i])
krb5_xfree(key_data->key_data_contents[i]);
Basically, the code is using the key data version number as the
maximum array index for the type, length, and contents field.
As I've said, I'm currently documented libkdb which will include the
definition of the various fields in the kdb structures. I've deduced
from the code that in key_data_ver 1, the type, length, and contents
arrays only had one element (key info), and that in version 2 they
have two elements (key and salt info). Is that right? If so, the
code above won't coredump, but still seems like a bad idea.
Barry
