[krbdev.mit.edu #5839] fix krb5_string_to_keysalts() string processing infinite loop and default keysalt type
Jeffrey Altman via RT
rt-comment at krbdev.mit.edu
Fri Nov 9 15:14:52 EST 2007
Please review the following patch to krb5_string_to_keysalts() in
src/lib/kadm5/str_conv.c.
Index: str_conv.c
===================================================================
--- str_conv.c (revision 20163)
+++ str_conv.c (working copy)
@@ -310,7 +310,7 @@
septmp = ksseplist;
for (sp = strchr(kp, (int) *septmp);
*(++septmp) && !sp;
- ep = strchr(kp, (int) *septmp));
+ sp = strchr(kp, (int) *septmp));
if (sp) {
/* Separate enctype from salttype */
@@ -346,6 +346,9 @@
krb5_xfree(savep);
}
+ if (stype == -1)
+ stype == KRB5_KDB_SALT_TYPETYPE_NORMAL;
+
/* Save our values */
(*ksaltp)[(*nksaltp)].ks_enctype = ktype;
(*ksaltp)[(*nksaltp)].ks_salttype = stype;
The patch corrects an infinite loop in the parsing of 'kp'.
Also, instead of setting the ks_salttype field to -1 which is an invalid
salttype, we default to using the normal salt type instead.
These changes have been in use at a client's site for many years.
Jeffrey Altman
More information about the krb5-bugs
mailing list