Clearing credentials question
Greg Hudson
ghudson at MIT.EDU
Thu Jan 6 18:56:01 EST 2011
On Thu, 2011-01-06 at 18:04 -0500, Markus Moeller wrote:
> Shouldn't
> krb5_free_keyblock_contents check if the content is not zero ?
It does.
> int main() {
[...]
> krb5_creds creds;
[...]
> code = krb5_parse_name(context, cclient, &creds.client);
> code = krb5_parse_name(context, cserver, &creds.server);
[...]
> krb5_free_cred_contents(context, &creds);
You declared creds as an automatic variable and didn't initialize it, so
all of its fields except for client and server contain stack garbage at
the time of the krb5_free_cred_contents call.
More information about the Kerberos
mailing list