Review of Kerberos AEAP API

Nicolas Williams Nicolas.Williams at sun.com
Thu Dec 4 16:13:08 EST 2008


On Thu, Dec 04, 2008 at 03:10:23PM -0500, Ken Raeburn wrote:
> On Dec 4, 2008, at 13:47, Nicolas Williams wrote:
> >On Thu, Dec 04, 2008 at 11:32:14AM -0500, Sam Hartman wrote:
> >>The big problem is not with ETOOBIG.  The big problem is that if you
> >>have a 64-bit size_t and you use krb5_data.length for the output
> >>length, then you overwrite 32 bits past the length.  You won't detect
> >>it on a 32-bit platform, but it will break badly on a 64-bit
> >>platform.
> >
> >The C compiler won't do that on simple assignments.  You'd have to be
> >using memcpy() for something like that to happen.
> 
> Or passing the address of krb5_data.length as the place where the  
> result should be stored, and ignoring compiler warnings (which, sadly,  
> is pretty common, at least until we get some more cleanup done).

You mean that improper casts are common in MIT krb5 code or application
code that uses MIT krb5?  *sigh*

Nico
-- 
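
The failure mode discussed in this thread, as an added example that is not part of the original message or of MIT krb5: a `size_t`-sized result stored at the address of a 32-bit length field, next to the checked assignment that avoids it. `struct demo_data`, `get_output_len` and both store functions are hypothetical names; the struct is a constructed stand-in laid out like `krb5_data`.

```c
#include <limits.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Constructed stand-in laid out like krb5_data (magic, 32-bit length, then
 * the data pointer); `next` stands for the bytes of that pointer. */
struct demo_data {
    int           magic;
    unsigned int  length;
    unsigned char next[sizeof(char *)];
};

/* Hypothetical API that reports an output length through a size_t *. */
static void get_output_len(size_t *out) { *out = 16; }

/* What passing (size_t *)&d->length amounts to: sizeof(size_t) bytes land
 * on a 4-byte field. memcpy is used so the demonstration itself stays well
 * defined. Returns how many bytes of `next` were changed. */
size_t store_through_wrong_width(struct demo_data *d)
{
    unsigned char before[sizeof d->next];
    size_t len, i, clobbered = 0;
    memcpy(before, d->next, sizeof before);
    get_output_len(&len);
    memcpy((unsigned char *)d + offsetof(struct demo_data, length),
           &len, sizeof len);
    for (i = 0; i < sizeof before; i++)
        clobbered += (before[i] != d->next[i]);
    return clobbered;
}

/* Checked pattern: receive into a real size_t, range-check, then assign. */
int store_checked(struct demo_data *d)
{
    size_t len;
    get_output_len(&len);
    if (len > UINT_MAX)
        return -1;               /* does not fit the 32-bit field */
    d->length = (unsigned int)len;
    return 0;
}

int main(void)
{
    struct demo_data d = { 0, 0, { 0 } };
    memset(d.next, 0xAA, sizeof d.next);
    printf("bytes clobbered: %zu\n", store_through_wrong_width(&d));
    return 0;
}
```

Where `size_t` and `unsigned int` have the same width the program reports 0 clobbered bytes, which is why the problem goes unnoticed on a 32-bit platform.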


