Review of Kerberos AEAP API

Nicolas Williams Nicolas.Williams at sun.com
Thu Dec 4 13:47:48 EST 2008


On Thu, Dec 04, 2008 at 11:32:14AM -0500, Sam Hartman wrote:
> The big problem is not with ETOOBIG.  The big problem is that if you
> have a 64-bit size_t and you use krb5_data.length for the output
> length, then you overwrite 32 bits past the length.  You won't detect
> it on a 32-bit platform, but it will break badly on a 64-bit platform.

The C compiler won't do that on simple assignments.  You'd have to be
using memcpy() for something like that to happen.

The real problem would be length truncation, which is where EOVERFLOW
comes in.

Nico
-- 
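
Added example, not part of the original message or of the krb5 sources: a C sketch of the two behaviours discussed in this message. The struct example_data, its canary field and all function names are assumptions standing in for a krb5_data-style buffer whose length field is an unsigned int; the code shows plain assignment truncating a size_t without touching the adjacent field, and a checked conversion that returns EOVERFLOW instead.

```c
#include <errno.h>
#include <limits.h>
#include <stddef.h>
#include <stdio.h>

/* Hypothetical stand-in for a krb5_data-style buffer: an unsigned int
 * length followed by a canary field that sits right after it. */
struct example_data {
    unsigned int length;
    unsigned int canary;
    char *data;
};

/* Plain assignment: the size_t is converted to unsigned int, so a value
 * that does not fit is reduced modulo UINT_MAX + 1. Only `length` is
 * written; nothing past it is overwritten. */
static void set_length_unchecked(struct example_data *d, size_t n)
{
    d->length = (unsigned int)n;
}

/* Checked conversion: reject a length that would be truncated and leave
 * the struct unchanged. */
static int set_length_checked(struct example_data *d, size_t n)
{
    if (n > UINT_MAX)
        return EOVERFLOW;
    d->length = (unsigned int)n;
    return 0;
}

/* Stores the truncated length in *out_len; returns 1 if the canary next
 * to `length` is intact after the unchecked assignment. */
static int demo_truncation(size_t n, unsigned int *out_len)
{
    struct example_data d = { 0, 0xC0FFEEu, NULL };
    set_length_unchecked(&d, n);
    *out_len = d.length;
    return d.canary == 0xC0FFEEu;
}

int main(void)
{
    size_t n = (size_t)UINT_MAX + 17;   /* constructed sample length */
    unsigned int len = 0;
    int intact = demo_truncation(n, &len);
    printf("requested %zu, stored %u, canary intact: %d\n", n, len, intact);
    return 0;
}
```

On a platform where size_t and unsigned int have the same width the requested value already fits, so neither the truncation nor the EOVERFLOW path is reached.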


