krb5 commit [krb5-1.13]: Avoid infinite loop on duplicate keysalts
Tom Yu
tlyu at mit.edu
Tue Dec 16 14:25:54 EST 2014
https://github.com/krb5/krb5/commit/d1a1b7c83ac568cbfec230bbdb3a9506ea27d1ca
commit d1a1b7c83ac568cbfec230bbdb3a9506ea27d1ca
Author: Ben Kaduk <kaduk at mit.edu>
Date: Thu Nov 20 15:44:04 2014 -0500
Avoid infinite loop on duplicate keysalts
When duplicate suppression was requested, we would enter an
infinite loop upon encountering a duplicate entry, a bug
introduced in commit 0918990bf1d8560d74473fc0e41d08d433da1a15
and thus present in release 1.13.
Rework the conditional to avoid the loop, at the expense of
additional indentation for some of the code.
(cherry picked from commit c828e7cb137de3559f026dcc552a52162d9ca5cd)
ticket: 8038
version_fixed: 1.13.1
status: resolved
src/lib/kadm5/str_conv.c | 21 ++++++++++-----------
1 files changed, 10 insertions(+), 11 deletions(-)
diff --git a/src/lib/kadm5/str_conv.c b/src/lib/kadm5/str_conv.c
index 216b580..c28a1e9 100644
--- a/src/lib/kadm5/str_conv.c
+++ b/src/lib/kadm5/str_conv.c
@@ -300,18 +300,17 @@ krb5_string_to_keysalts(const char *string, const char *tupleseps,
goto cleanup;
/* Ignore duplicate keysalts if caller asks. */
- if (!dups && krb5_keysalt_is_present(ksalts, nksalts, etype, stype))
- continue;
-
- ksalts_new = realloc(ksalts, (nksalts + 1) * sizeof(*ksalts));
- if (ksalts_new == NULL) {
- ret = ENOMEM;
- goto cleanup;
+ if (dups || !krb5_keysalt_is_present(ksalts, nksalts, etype, stype)) {
+ ksalts_new = realloc(ksalts, (nksalts + 1) * sizeof(*ksalts));
+ if (ksalts_new == NULL) {
+ ret = ENOMEM;
+ goto cleanup;
+ }
+ ksalts = ksalts_new;
+ ksalts[nksalts].ks_enctype = etype;
+ ksalts[nksalts].ks_salttype = stype;
+ nksalts++;
}
- ksalts = ksalts_new;
- ksalts[nksalts].ks_enctype = etype;
- ksalts[nksalts].ks_salttype = stype;
- nksalts++;
ksp = strtok_r(NULL, tseps, &tlasts);
}
*ksaltp = ksalts;
More information about the cvs-krb5
mailing list