ksetpwd.c bug

Chris Hecker checker at d6.com
Wed Mar 21 01:07:44 EDT 2012

Not sure if anybody noticed my parenthetical phrase about this in my
kerberos list clock skew thread, but this code is in ksetpwd.c:

static void get_init_creds_opt_init( krb5_get_init_creds_opt *outOptions )
    krb5_preauthtype    preauth[] = { KRB5_PADATA_ENC_TIMESTAMP };
    krb5_enctype        etypes[] = {ENCTYPE_DES_CBC_MD5,
    krb5_get_init_creds_opt_set_address_list(outOptions, NULL);
    krb5_get_init_creds_opt_set_etype_list( outOptions, etypes,
sizeof(etypes)/sizeof(krb5_enctype) );
    krb5_get_init_creds_opt_set_preauth_list(outOptions, preauth,
sizeof(preauth)/sizeof(krb5_preauthtype) );

I haven't looked at all the calls, but at least the set_preauth_list
just keeps the pointer, which in this case happens to point into the
stack of this function which promptly returns.


More information about the krbdev mailing list