[krbdev.mit.edu #7553] sendto_kdc can invoke poll with negative timeout
Greg Hudson via RT
rt-comment at krbdev.mit.edu
Thu Jan 24 19:35:31 EST 2013
Our select/poll wrapper in cm.c and sendto_kdc.c uses an absolute end
time. If an event occurs just prior to the end time and doesn't terminate
the service_fds loop, and we take a few milliseconds to process it, we
could wind up calling cm_select_or_poll after the end time has expired.
The select wrapper in cm.c is careful to check for this, but the poll
wrapper in sendto_kdc.c is not. If we invoke poll with a negative
timeout, it will wait indefinitely.
This issue was reported in a github pull request by Matthieu Hautreax
<matthieu.hautreux at gmail.com>.
More information about the krb5-bugs
mailing list