Data initialization problem in krb-1.6.3
Howard Wilkinson
howard at cohtech.com
Tue Dec 9 10:04:05 EST 2008
I have been chasing a problem reported by valgrind when using GSSAPI to
connect to an LDAP server. I have managed to pin this down to
uninitialized data inside the Kerberos code.
I attach a patch which fixes this in what is probably a too conservative
fashion as I have chased this through a number of different scenarios.
The final fix was in the memory allocated for the k5seal.c and
k5sealv3.c files.
In the process I have also added memory clearing functions to other data
that was not being initialized.
I have also restructured the k5arcfour_init routine. Some of this was
taken from the trunk head in the subversion repository, some is my
removing intermediate storage items to simplify the code flow.
I would like to see the intent of this patch incorporated into the main
line development, I have no burning desire to have the patch as written
incorporated.
Regards, Howard
-------------- next part --------------
A non-text attachment was scrubbed...
Name: krb5-1.6.3-meminitfix.patch
Type: text/x-patch
Size: 6218 bytes
Desc: not available
Url : http://mailman.mit.edu/pipermail/krbdev/attachments/20081209/a4407c04/attachment.bin
More information about the krbdev
mailing list