krb5-clients/1062: get_authorized_princ_names closes unitialized FILE pointers
Dan Riley
dsr at mail.lns.cornell.edu
Fri Feb 22 14:25:28 EST 2002
>Number: 1062
>Category: krb5-clients
>Synopsis: ksu get_authorized_princ_names closes unitialized file handles
>Confidential: no
>Severity: non-critical
>Priority: medium
>Responsible: krb5-unassigned
>State: open
>Class: sw-bug
>Submitter-Id: unknown
>Arrival-Date: Fri Feb 22 14:26:00 EST 2002
>Last-Modified:
>Originator: Dan Riley
>Organization:
LNS, Cornell U.
>Release: krb5-1.2.3
>Environment:
System: OSF1 lnscu6.lns.cornell.edu V4.0 1229 alpha
Machine: alpha
>Description:
ksu get_authorized_princ_names/close_time in heuristic.c can, under
some error conditions, try to close file handles that were not
initialized or opened.
>How-To-Repeat:
>Fix:
diff -ur krb5-1.2.3/src/clients/ksu/heuristic.c krb5/clients/ksu/heuristic.c
--- krb5-1.2.3/src/clients/ksu/heuristic.c Wed Jan 9 17:27:02 2002
+++ krb5/clients/ksu/heuristic.c Fri Nov 30 13:28:03 2001
@@ -199,7 +199,7 @@
struct passwd *pwd;
int k5login_flag =0;
int k5users_flag =0;
- FILE * login_fp, * users_fp;
+ FILE * login_fp = 0, * users_fp = 0;
char ** k5login_list = NULL, ** k5users_list = NULL;
char ** k5users_filt_list = NULL;
char ** combined_list = NULL;
@@ -278,8 +278,8 @@
FILE *login_fp;
{
- if (!k5users_flag) fclose(users_fp);
- if (!k5login_flag) fclose(login_fp);
+ if (!k5users_flag && users_fp) fclose(users_fp);
+ if (!k5login_flag && login_fp) fclose(login_fp);
}
>Audit-Trail:
>Unformatted:
More information about the krb5-bugs
mailing list