[2525] in Kerberos_V5_Development
Re: Should realm's be NULL terminated...
daemon@ATHENA.MIT.EDU (Theodore Y. Ts'o)
Mon Oct 6 20:53:36 1997
Date: Mon, 6 Oct 1997 20:53:09 -0400
From: "Theodore Y. Ts'o" <tytso@MIT.EDU>
To: Marc Horowitz <marc@cygnus.com>
Cc: epeisach@MIT.EDU, krbdev@MIT.EDU
In-Reply-To: Marc Horowitz's message of 06 Oct 1997 15:46:13 -0400,
<t53k9fqoet6.fsf@rover.cygnus.com>
From: Marc Horowitz <marc@cygnus.com>
Date: 06 Oct 1997 15:46:13 -0400
>> Is this what is desired? Does anything make assumptions about this?
>> The reason I as is that in set_realm.c, the realm is set using strcpy
>> into space malloced as strlen(string) - i.e. off by one.
>>
>> Should I allocate one more byte, or use memcpy?
>>
>> Personally, I believe memcpy would be the proper fix...
I agree. At one point, the realm was NUL-terminated, but this was
changed (around b6 I think) to length/data. If something is still
confused, fix it.
Nothing *should* be assuming that the realm is null-terminated. I
believe the library was for a while continueing to allocate an extra
byte and null-terminating things just to be sure nothing would break.
Of course, then there's the school of thought which states that it's
better if programs breaks obviously, instead of having silent bugs.....
Regardless, note that the protocol doesn't allow null's in realm names.
- Ted
