Review of Kerberos AEAP API

Ken Raeburn raeburn at MIT.EDU
Thu Dec 4 15:10:23 EST 2008

On Dec 4, 2008, at 13:47, Nicolas Williams wrote:
> On Thu, Dec 04, 2008 at 11:32:14AM -0500, Sam Hartman wrote:
>> The big problem is not with ETOOBIG.  The big problem is that if you
>> have a 64-bit size_t and you use krb5_data.length for the output
>> length,then you overwrite 32 bits past the length.  You won't detect
>> it on a 32-bit platform, but it will break badly on a 64-bit  
>> platform.
> The C compiler won't do that on simple assignments.  You'd have to be
> using memcpy() for something like that to happen.

Or passing the address of krb5_data.length as the place where the  
result should be stored, and ignoring compiler warnings (which, sadly,  
is pretty common, at least until we get some more cleanup done).

There are some convoluted ways to force most compilers (I suspect) to  
error out on mismatched types, but we probably don't want to get into  


More information about the krbdev mailing list