[1538] in Kerberos
Bug in Version 4 admin/kdb_util.c
daemon@ATHENA.MIT.EDU (Icarus Sparry)
Mon Sep 2 15:13:25 1991
Date: Mon, 2 Sep 91 19:34:57 BST
From: Icarus Sparry <I.Sparry@gdt.bath.ac.uk>
To: kerberos@ATHENA.MIT.EDU, I.Sparry@gdt.bath.ac.uk
Cc: lmjm@doc.imperial.ac.uk
Looking at the source from eBones, patchlevel9, for the
file admin/kdb_util.c.
At the start of function load_db, we see the following
load_db (db_file, input_file)
char *db_file;
FILE *input_file;
{
char exp_date_str[50];
char mod_date_str[50];
int temp1, temp2, temp3;
long time_explode();
int code;
extern char *sys_errlist[];
char *temp_db_file;
!!!! temp1 = strlen(db_file+2);
temp_db_file = malloc (temp1);
strcpy(temp_db_file, db_file);
strcat(temp_db_file, "~");
Obviously, the marked line should read
temp1 = strlen(db_file)+2;
As we want enough space to the terminating NULL character and the ~ character,
and we do not want the length of the substring of db_file starting at
the second position.
Icarus
