[krbdev.mit.edu #6675] segfault in gss_export_sec_context
Arlene Berry via RT
rt-comment at krbdev.mit.edu
Fri Mar  5 18:26:19 EST 2010

In src/lib/krb5/krb/authdata.c context is NULL and is dereferenced:

static krb5_error_code
k5_ad_size(krb5_context kcontext,
           krb5_authdata_context context,
           krb5_flags flags,
           size_t *sizep)
{
    int i;
    krb5_error_code code = 0;
    *sizep += sizeof(krb5_int32); /* count */
    for (i = 0; i < context->n_modules; i++) {

The back trace is:

#0  0x0045dfcf in k5_ad_size (kcontext=0x8054af8, context=0x0, flags=15,
    sizep=0xbffff078)
    at krb5/src/lib/krb5/krb/authdata.c:162
#1  0x0045f7a2 in krb5_authdata_context_size (kcontext=0x8054af8,
ptr=0x0, 
    sizep=0xbffff078)
    at krb5/src/lib/krb5/krb/authdata.c:1131 (line 1067 in your trunk)
#2  0x00484310 in krb5_size_opaque (kcontext=0x8054af8,
odtype=-1760647364, 
    arg=0x0, sizep=0xbffff078)
    at krb5/src/lib/krb5/krb/serialize.c:104 (line 105 in your trunk)
#3  0x006ed9c3 in kg_ctx_size (kcontext=0x8054af8, arg=0x8053700, 
    sizep=0xbffff0b4)
    at krb5/src/lib/gssapi/krb5/ser_sctx.c:361
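
The following is an added example, not part of the original report and not krb5 code: a reduced model of the call chain in the back trace, showing a sizer that dereferences its context unchecked next to a guarded form. All type and function names are hypothetical stand-ins, and treating a missing sub-context as contributing zero bytes is an assumption that the matching serializer would have to share.

```c
#include <errno.h>
#include <stddef.h>
#include <stdint.h>

/* Hypothetical stand-ins for the types in the report; not the krb5 definitions. */
struct ad_module  { size_t payload_len; };
struct ad_context { int n_modules; struct ad_module *modules; };

/* Shape of the reported code: reads context->n_modules with no NULL check,
 * so a caller passing context == NULL faults on the loop condition. */
static int ad_size_unchecked(const struct ad_context *context, size_t *sizep)
{
    int i;
    *sizep += sizeof(int32_t);                    /* count */
    for (i = 0; i < context->n_modules; i++)
        *sizep += sizeof(int32_t) + context->modules[i].payload_len;
    return 0;
}

/* Guarded sizer: rejects a NULL context or output pointer before any
 * dereference, leaving *sizep untouched on error. */
static int ad_size_checked(const struct ad_context *context, size_t *sizep)
{
    if (context == NULL || sizep == NULL)
        return EINVAL;
    return ad_size_unchecked(context, sizep);
}

/* Caller in the position of the security-context sizer. Assumption: an
 * optional sub-context that was never created adds nothing to the size. */
static int sec_ctx_size(const struct ad_context *authdata, size_t *sizep)
{
    size_t required = 2 * sizeof(int32_t);        /* constructed fixed header */
    int ret;
    if (authdata != NULL) {
        ret = ad_size_checked(authdata, &required);
        if (ret != 0)
            return ret;
    }
    *sizep += required;                           /* commit only on success */
    return 0;
}

int main(void)
{
    size_t sz = 0;
    return sec_ctx_size(NULL, &sz);   /* NULL authdata: returns 0, no fault */
}
```

Checking at both layers is deliberate: the caller decides what a missing sub-context means, while the sizer itself refuses NULL so that a new caller cannot reintroduce the fault.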