[krbdev.mit.edu #2614] profile parser sometimes handles tabs incorrectly
The RT System itself via RT
rt-comment at krbdev.mit.edu
Thu Jun 24 20:06:47 EDT 2004
>From krb5-bugs-incoming-bounces at mit.edu Thu Jun 24 20:06:38 2004
Received: from pch.mit.edu (PCH.MIT.EDU [18.7.21.90]) by krbdev.mit.edu (8.9.3p2) with ESMTP
id UAA12075; Thu, 24 Jun 2004 20:06:38 -0400 (EDT)
Received: from pch.mit.edu (localhost [127.0.0.1])
by pch.mit.edu (8.12.8p2/8.12.8) with ESMTP id i5P06cl1011604
for <krb5-send-pr at krbdev.mit.edu>; Thu, 24 Jun 2004 20:06:38 -0400 (EDT)
Received: from pacific-carrier-annex.mit.edu (PACIFIC-CARRIER-ANNEX.MIT.EDU
[18.7.21.83])
by pch.mit.edu (8.12.8p2/8.12.8) with ESMTP id i5LKaSl1021893
for <krb5-bugs-incoming at PCH.mit.edu>;
Mon, 21 Jun 2004 16:36:28 -0400 (EDT)
Received: from lnscu5.lns.cornell.edu (lnscu5.lns.cornell.edu [128.84.44.111])
i5LKaPSD015955
for <krb5-bugs at mit.edu>; Mon, 21 Jun 2004 16:36:25 -0400 (EDT)
Received: from lnscua.lns.cornell.edu (lnscua.lns.cornell.edu [128.84.45.62])
i5LKaJu8016868
for <krb5-bugs at mit.edu>; Mon, 21 Jun 2004 16:36:19 -0400 (EDT)
From: Dan Riley <dsr at mail.lns.cornell.edu>
Received: by lnscua.lns.cornell.edu (8.8.8/1.1.10.5/23Nov96-0144PM)
id QAA0000011073; Mon, 21 Jun 2004 16:36:19 -0400 (EDT)
Date: Mon, 21 Jun 2004 16:36:19 -0400 (EDT)
Message-Id: <200406212036.QAA0000011073 at lnscua.lns.cornell.edu>
To: krb5-bugs at mit.edu
X-send-pr-version: 3.99
X-Mailman-Approved-At: Thu, 24 Jun 2004 20:06:35 -0400
Subject: None
X-BeenThere: krb5-bugs-incoming at mit.edu
X-Mailman-Version: 2.1
Precedence: list
Reply-To: dsr at mail.lns.cornell.edu
Sender: krb5-bugs-incoming-bounces at mit.edu
Errors-To: krb5-bugs-incoming-bounces at mit.edu
>Submitter-Id: net
>Originator: Dan Riley
>Organization:
Cornell University Laboratory for Elementary-Particle Physics
>Confidential: no
>Synopsis: profile parser sometimes handles tabs incorrectly
>Severity: serious
>Priority: high
>Category: krb5-admin
>Class: sw-bug
>Release: krb5-1.3.4
>Environment:
System: OSF1 lnscua.lns.cornell.edu V4.0 1229 alpha
Machine: alpha
>Description:
the profile parser incorrectly parses relations where there are tabs
following the tag
>How-To-Repeat:
Create a profile line where the tag is followed by a tab and a
space, e.g.
master_key_type\t = des-cbc-crc
(where \t should be replaced by an actual tab character). Observe
that the relation is no longer applied by running a program that
depends on this value--for example, kadmin.local on a kdc where the
master key is des-cbc-crc encrpyted:
root_lnscu8> kadmin.local
Authenticating as principal dsr/admin at LNS.CORNELL.EDU with password.
kadmin.local: Stored master key is corrupted while initializing kadmin.local interface
The problem is line 155 in prof_parse.c:
p = strchr(tag, ' ');
which leaves the tab character part of the tag name, so subsequent
comparisons fail to match.
>Fix:
Simplest fixes are to either strchr on everything that could match
isspace() (which may be locale dependent) or to back up over the
white space. The patch below implements the second option. This
will miss syntax errors which the old code did not, as the 'p != cp'
test will never succeed with this change (so it might as well be
removed). A smarter patch might be to just replace
p = strchr(tag, ' ');
if (p) {
with
for (p = tag; *p && !isspace((int) (*p)); ++p);
if (*p) {
Index: prof_parse.c
===================================================================
RCS file: /nfs/localsrc/cvsroot/krb5/util/profile/prof_parse.c,v
retrieving revision 1.1.1.5
diff -u -r1.1.1.5 prof_parse.c
--- prof_parse.c 9 Jan 2004 20:41:58 -0000 1.1.1.5
+++ prof_parse.c 21 Jun 2004 17:50:23 -0000
@@ -152,9 +152,10 @@
if (!cp)
return PROF_RELATION_SYNTAX;
*cp = '\0';
- p = strchr(tag, ' ');
- if (p) {
- *p = '\0';
+ p = cp - 1;
+ if (*p && isspace((int) (*p))) {
+ while (*p && isspace((int) (*p))) --p;
+ *++p = '\0';
p = skip_over_blanks(p+1);
if (p != cp)
return PROF_RELATION_SYNTAX;
More information about the krb5-bugs
mailing list