[17597] in Kerberos_V5_Development

Segfault during krb5_set_password

daemon@ATHENA.MIT.EDU (Jonathan Reams)
Mon Apr 16 19:18:45 2012

From: Jonathan Reams <jreams@columbia.edu>
Date: Mon, 16 Apr 2012 19:03:45 -0400
Message-Id: <E3648D89-E185-4231-8196-A3DA176E3B3A@columbia.edu>
To: krbdev@mit.edu

We're using the kadm5_hook API (krb5 v1.9.2) to implement password syncing against our Active Directory (http://code.google.com/p/krb5-adsync/), and kadmind has been segfaulting in krb5_set_password when a principal's keys are randomized, e.g. during ank -randkey or cpw -randkey. The password change hook gets called with the text of the new password set to NULL, which then gets passed into krb5_set_password, which tries to do a strlen on the NULL pointer.

For now I've set it to skip any password change operations where the password text string is NULL, but is this something the krb5 libs should have caught? Also, are there any upper bounds on the size of a password passed in? Would a hypothetical 4KB password cause issues?

Jonathan Reams
Systems Engineering
Columbia University
_______________________________________________
krbdev mailing list             krbdev@mit.edu
https://mailman.mit.edu/mailman/listinfo/krbdev
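
An added example, not part of the original message and not the krb5-adsync code: the guard described above, which skips the sync when the hook receives a NULL password, plus a bounded length check before anything is forwarded. The names sync_password_change, fake_set_password and bounded_len and the 1024-byte cap are assumptions for illustration; fake_set_password stands in for the krb5_set_password call so the block compiles without the krb5 headers.

```c
#include <stddef.h>
#include <string.h>

/* Assumed local policy cap. The message asks about an upper bound but the
 * page gives none, so this value is illustrative only. */
#define SYNC_MAX_PASSWORD_LEN 1024

typedef enum {
    SYNC_FORWARDED = 0,    /* password handed to the remote set-password call */
    SYNC_SKIP_RANDKEY,     /* newpass == NULL: keys randomized, nothing to sync */
    SYNC_REJECT_TOO_LONG,  /* longer than the local cap, never forwarded */
    SYNC_REMOTE_FAILED
} sync_result;

/* Stand-in for the remote change; a real hook would wrap krb5_set_password. */
typedef int (*set_password_fn)(const char *principal, const char *newpass);

static int forwarded_calls = 0;
static size_t last_forwarded_len = 0;

/* Like the call described in the message, this takes strlen() of its
 * argument, so it must never be handed a NULL pointer. */
static int fake_set_password(const char *principal, const char *newpass)
{
    (void)principal;
    forwarded_calls++;
    last_forwarded_len = strlen(newpass);
    return 0;
}

/* Length of s, scanning at most cap bytes, so an oversized buffer is not
 * walked in full before it is rejected. */
static size_t bounded_len(const char *s, size_t cap)
{
    size_t n = 0;
    while (n < cap && s[n] != '\0')
        n++;
    return n;
}

/* Validate the hook's password argument before any string function sees it. */
sync_result sync_password_change(const char *principal, const char *newpass,
                                 set_password_fn remote)
{
    if (newpass == NULL)
        return SYNC_SKIP_RANDKEY;
    if (bounded_len(newpass, SYNC_MAX_PASSWORD_LEN + 1) > SYNC_MAX_PASSWORD_LEN)
        return SYNC_REJECT_TOO_LONG;
    return remote(principal, newpass) == 0 ? SYNC_FORWARDED : SYNC_REMOTE_FAILED;
}
```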
