Possible bug in "kg_ctx_internalize()" function in MIT 1.6.3
Sachin Punadikar
punadikar.sachin at gmail.com
Wed Dec 24 00:49:01 EST 2008
Hi,
I think, people from krbdev mailing list might have answer to below
Awaiting clarification.
Thanks.
- Sachin
---------- Forwarded message ----------
From: Sachin Punadikar <punadikar.sachin at gmail.com>
Date: Mon, Dec 1, 2008 at 3:33 PM
Subject: kg_ctx_internalize() function in MIT 1.6.3
To: kerberos at mit.edu
Hello,
I was going through the gssapi MIT krb1.6.3 code and I feel there is a
possible bug in kg_ctx_internalize() function defined in
src/lib/gssapi/krb5/ser_sctx.c file.
As I understand the function should unpack entities in the same order in
which they were packed by kg_ctx_externalize() function. But it misses the
order while unpacking the last two structure variables as shown below. Since
acceptor_subkey_cksumtype was packed before cred_rcache and also occurs
before in the _krb5_gss_cred_id_rec structure definition,
acceptor_subkey_cksumtype should be unpacked BEFORE cred_rcache, else the
values will get swapped.
Current Code in kg_ctx_internalize() function:
if (!kret)
kret = krb5_ser_unpack_int32(&ibuf, &bp, &remain);
ctx->cred_rcache = ibuf;
if (!kret)
kret = krb5_ser_unpack_int32(&ibuf, &bp, &remain);
ctx->acceptor_subkey_cksumtype = ibuf;
Proposed Code in kg_ctx_internalize() function with change in sequence
while unpacking:
if (!kret)
kret = krb5_ser_unpack_int32(&ibuf, &bp, &remain);
ctx->acceptor_subkey_cksumtype = ibuf;
if (!kret)
kret = krb5_ser_unpack_int32(&ibuf, &bp, &remain);
ctx->cred_rcache = ibuf;
Kindly let me know if this is valid.
- Sachin
More information about the krbdev
mailing list