krb5 commit: Fix enctype display in Leash
Greg Hudson
ghudson at mit.edu
Mon Mar 1 18:45:08 EST 2021
https://github.com/krb5/krb5/commit/5a00af5da3bdd137a21f2b59612ba5ef6dba1396
commit 5a00af5da3bdd137a21f2b59612ba5ef6dba1396
Author: Greg Hudson <ghudson at mit.edu>
Date: Wed Feb 24 12:54:08 2021 -0500
Fix enctype display in Leash
In KrbListTickets.cpp, change etype_string() to write its output to a
caller-supplied buffer, so that the session key enctype name and
ticket enctype name don't occupy the same static buffer. Reported by
Oliver Freyermuth.
ticket: 8970
src/windows/leash/KrbListTickets.cpp | 23 +++++++++--------------
1 files changed, 9 insertions(+), 14 deletions(-)
diff --git a/src/windows/leash/KrbListTickets.cpp b/src/windows/leash/KrbListTickets.cpp
index 62bc55a..85f9745 100644
--- a/src/windows/leash/KrbListTickets.cpp
+++ b/src/windows/leash/KrbListTickets.cpp
@@ -73,19 +73,15 @@ LeashKRB5Error(krb5_error_code rc, LPCSTR FailedFunctionName)
}
-static char *
-etype_string(krb5_enctype enctype)
+static void
+etype_string(krb5_enctype enctype, char *buf, size_t buflen)
{
- static char buf[100];
-
krb5_error_code retval;
- if ((retval = pkrb5_enctype_to_name(enctype, FALSE, buf, sizeof(buf)))) {
+ if ((retval = pkrb5_enctype_to_name(enctype, FALSE, buf, buflen))) {
/* XXX if there's an error != EINVAL, I should probably report it */
- sprintf_s(buf, "etype %d", enctype);
+ sprintf_s(buf, buflen, "etype %d", enctype);
}
-
- return buf;
}
@@ -110,7 +106,7 @@ CredToTicketList(krb5_context ctx, krb5_creds KRBv5Credentials,
krb5_error_code code = 0;
krb5_ticket *tkt=NULL;
char *sServerName = NULL;
- char Buffer[256];
+ char Buffer[256], sestype[100], tkttype[100];
char *functionName = NULL;
TicketList *list = NULL;
@@ -144,15 +140,14 @@ CredToTicketList(krb5_context ctx, krb5_creds KRBv5Credentials,
else
list->renew_until = 0;
+ etype_string(KRBv5Credentials.keyblock.enctype, sestype, sizeof(sestype));
if (!pkrb5_decode_ticket(&KRBv5Credentials.ticket, &tkt)) {
- wsprintf(Buffer, "Session Key: %s Ticket: %s",
- etype_string(KRBv5Credentials.keyblock.enctype),
- etype_string(tkt->enc_part.enctype));
+ etype_string(tkt->enc_part.enctype, tkttype, sizeof(tkttype));
+ wsprintf(Buffer, "Session Key: %s Ticket: %s", sestype, tkttype);
pkrb5_free_ticket(ctx, tkt);
tkt = NULL;
} else {
- wsprintf(Buffer, "Session Key: %s",
- etype_string(KRBv5Credentials.keyblock.enctype));
+ wsprintf(Buffer, "Session Key: %s", sestype);
}
list->encTypes = (char *)calloc(1, strlen(Buffer)+1);
More information about the cvs-krb5
mailing list