[krbdev.mit.edu #3549] library double-free with an empty keytab
Public Submitter via RT
rt-comment at krbdev.mit.edu
Wed Mar 22 23:30:39 EST 2006
When the Kerberos library opens an empty keytab, it recognizes an
immediate EOF as an error condition and closes the keytab, but it then
doesn't set the error return. The calling function therefore doesn't
recognize this as an error, tries to search in the keytab file, sees the
EOF again, and then closes it again. The second close causes a double
free. This patch fixes this by setting an error when the keytab file is
empty.
Patch from Steve Langasek.
More information about the krb5-bugs
mailing list