Failing ASN.1 tests with PKINIT on HP-UX
Osipov, Michael (IN IT IN)
michael.osipov at innomotics.com
Sun Sep 28 16:22:43 EDT 2025
On 2025-09-28 21:36, Greg Hudson wrote:
> On 9/28/25 07:36, Osipov, Michael (IN IT IN) wrote:
>> Here is the full stacktrace:
> [...]
>>> #28 0x60000000c8a87c20:0 in encode_krb5_auth_pack () at
>>> asn1_k_encode.c:1513
>>> #29 0x4011340:0 in main () at krb5_encode_test.c:798
>
> Okay, it's nothing so exotic as a misplaced function pointer; we're just
> at a different point in main() from what we originally thought (line
> 798, not lines 775-778).
>
> Walking carefully through the stack trace, I can deduce that the failure
> happens when trying to encode the algorithm identifier within the
> paChecksum2 field of the PKAuthenticator.
> ktest_make_sample_pk_authenticator() doesn't intentionally include a
> paChecksum2 field, but it doesn't null it either. So this is a
> straightforward use of uninitialized memory, obscured on other platforms
> because the pointer value happens to be 0 there. (And asan/valgrind
> don't catch it, presumably because the memory was written to earlier
> within structures of different types.)
Nailed it. PR works for me!
More information about the Kerberos
mailing list