[krbdev.mit.edu #1203] kinit -k -t segfaults

The RT System itself via RT rt-comment at krbdev.mit.edu
Tue Oct 1 14:51:36 EDT 2002 

>From hgm at lanl.gov  Tue Oct  1 14:51:33 2002
Received: from fort-point-station.mit.edu (FORT-POINT-STATION.MIT.EDU [18.7.7.76]) by krbdev.mit.edu (8.9.3) with ESMTP
	id OAA09053; Tue, 1 Oct 2002 14:51:33 -0400 (EDT)
From: hgm at lanl.gov
Received: from mailrelay2.lanl.gov (mailrelay2.lanl.gov [128.165.4.103])
	by fort-point-station.mit.edu (8.9.2/8.9.2) with ESMTP id OAA07754
	for <krb5-bugs at mit.edu>; Tue, 1 Oct 2002 14:51:32 -0400 (EDT)
Received: from moki.lanl.gov (localhost.localdomain [127.0.0.1])
	by mailrelay2.lanl.gov (8.12.3/8.12.3/(ccn-5)) with ESMTP id g91IpWtv005823
	for <krb5-bugs at mit.edu>; Tue, 1 Oct 2002 12:51:32 -0600
Received: (from root at localhost)
	by moki.lanl.gov (8.9.3/8.9.3) id MAA21534;
	Tue, 1 Oct 2002 12:51:20 -0600
Date: Tue, 1 Oct 2002 12:51:20 -0600
Message-Id: <200210011851.MAA21534 at moki.lanl.gov>
To: krb5-bugs at mit.edu
Subject: krb5-clients
Reply-To: hgm at lanl.gov
X-send-pr-version: 3.99


>Submitter-Id:	net
>Originator:	Harry G. McGavran Jr.
>Organization:
	Los Alamos National Laboratory
>Confidential:  no
>Synopsis:      kinit -k -t segfaults
>Severity:      critical
>Priority:      high
>Category:      krb5-clients
>Class:         sw-bug
>Release:	krb5-1.2.6
>Environment:
	Linux, all flavors
System: Linux moki 2.2.21 #1 Mon Jul 1 11:10:05 MDT 2002 i686 unknown
Architecture: i686

>Description:
	kinit with a keytab file seg faults (kinit -k -t file principal)
>How-To-Repeat:
	kinit -k -t file principal
>Fix:
	We patched our krb5-1.2.6 source tree with:
*** ./src/lib/krb5/krb/gic_keytab.c.orig	Tue Apr 11 15:43:17 2000
--- ./src/lib/krb5/krb/gic_keytab.c	Mon Sep 30 13:30:39 2002
***************
*** 25,31 ****
--- 25,39 ----
  	if (as_key->enctype == etype)
  	    return(0);
  
+ #ifndef LANL
  	krb5_free_keyblock(context, as_key);
+ #else   /* LANL */
+ 	/* krb5_free_keyblock frees as_key above and that is a local variable declared
+ 	 * in krb5_get_init_creds() and used below as well, so it should NOT be
+ 	 * freed, only the contents can be freed.
+ 	 */
+ 	krb5_free_keyblock_contents(context, as_key);
+ #endif  /* LANL */
  	as_key->length = 0;
      }

More information about the krb5-bugs mailing list