[krbdev.mit.edu #2579] kdc: add_to_transited may reference off end of array...
Ezra Peisach via RT
rt-comment at krbdev.mit.edu
Sat May 29 16:48:32 EDT 2004
While using valgrind on some test programs, it picked up on a
conditional based on an uninitialized value...
In kdc_util.c, about line 683
nlst = i - 1;
if i is 0, then nlst is -1.
If added is false, then the line 702 shows...
if ((next[nlst] != '.') && (next[0] != '/') &&
This code is executed with the rtest program:
./rtest ATHENA.MIT.EDU MIT.EDU SUB1W.CS.WASHINGTON.EDU SUB1M.ATHENA.MIT.EDU
among others...
I am still trying to understand the code to figure out the best
solution... I think this code is hit when the tgt_trans does not
contain a comma, among other circumstances...
Ezra
More information about the krb5-bugs
mailing list