Failing ASN.1 tests with PKINIT on HP-UX
Greg Hudson
ghudson at mit.edu
Sun Sep 28 15:36:23 EDT 2025
On 9/28/25 07:36, Osipov, Michael (IN IT IN) wrote:
> Here is the full stacktrace:
[...]
>> #28 0x60000000c8a87c20:0 in encode_krb5_auth_pack () at
>> asn1_k_encode.c:1513
>> #29 0x4011340:0 in main () at krb5_encode_test.c:798
Okay, it's nothing so exotic as a misplaced function pointer; we're just
at a different point in main() from what we originally thought (line
798, not lines 775-778).
Walking carefully through the stack trace, I can deduce that the failure
happens when trying to encode the algorithm identifier within the
paChecksum2 field of the PKAuthenticator.
ktest_make_sample_pk_authenticator() doesn't intentionally include a
paChecksum2 field, but it doesn't null it either. So this is a
straightforward use of uninitialized memory, obscured on other platforms
because the pointer value happens to be 0 there. (And asan/valgrind
don't catch it, presumably because the memory was written to earlier
within structures of different types.)
I will open a PR.
More information about the Kerberos
mailing list