[krbdev.mit.edu #1235] Bug in gss_krb5_ccache_name
Ben Cox via RT
rt-comment at krbdev.mit.edu
Thu Oct 31 12:58:25 EST 2002
Hello,
The attached unified diff against the krb5-1.2.6 source tree fixes a bug
in gss_krb5_ccache_name returns a string that has been freed.
The gss_krb5_ccache_name function has an "out_name" parameter that is
supposed to give the old value of the default ccache name.
Unfortunately, before control returns to the caller,
gss_krb5_ccache_name calls krb5_cc_set_default_name, which frees the
buffer that has just been pointed to by *out_name.
The attached patch fixes gss_krb5_ccache_name to strdup the string
before returning (and return GSS_S_FAILURE if the strdup fails). It
also fixes the only caller of gss_krb5_ccache_name (that I could find in
the source tree), which was strdup'ing the result, not to strdup it
anymore.
Thanks,
-- Ben Cox
More information about the krb5-bugs
mailing list