[krbdev.mit.edu #2106] bug in krb5_cc_remove_cred API?
gsu@UU.NET via RT
rt-comment at krbdev.mit.edu
Tue Jan 6 14:33:29 EST 2004
Hi,
I am coding a test program that calls krb5_cc_remove_cred and
encountered a problem. Checking out the source
code (krb5-1.3.1.tar) that I downloaded from your site, I believe
the problem is caused by a bug in the code.
The file is src/lib/krb5/ccache/ccfns.c
The function is krb5_cc_remove_cred. This function calls
cache->ops->remove_cred without checking if cache->ops->remove_cred
is NULL. In fact cache->ops->remove_cred is NULL, hence calling
program core dumps. cache->ops is defined as krb5_fcc_ops in
src/lib/krb5/ccache/cc_file.c and the remove_cred entry is NULL.
Please let me know if I am correct or I missed anything.
Thank you.
Grace Su
grace.su at mci.com
More information about the krb5-bugs
mailing list