MIT Kerberos 1.14 : gssint_get_mechanism_cred crash

Vipul Mehta vipulmehta.1989 at
Fri Jun 15 13:57:54 EDT 2018

Thanks Greg. If i have anything more related to mit kerberos i will share.
For now we are also suspecting and investigating possible internal bug in
our code only.

On Thu, Jun 14, 2018 at 8:33 PM, Greg Hudson <ghudson at> wrote:

> On 06/14/2018 07:05 AM, Vipul Mehta wrote:
>> We are facing crash in our application while kerberos security context
>> initialization inside gssint_get_mechanism_cred function.
> [...]
>> Looks like memcmp is causing the issue.
>> &union_cred->mechs_array[i]->length is 9
>> mech_type->length is 9
>> mech_type->elements is not NULL
>> (&union_cred->mechs_array[i])->elements is also not NULL
>> Is anyone aware of such issue. Any possible fix ? Let me know if you need
>> more information.
> I am not aware of any such issue.  You should double-check that the cred
> handle you are passing is a valid cred handle and was not previously freed
> (although the usual method of releasing a cred handle should also set the
> pointer to NULL, unless you made a copy of the cred handle before releasing
> it).  If there is a memory corruption issue in the application, you might
> be able to use valgrind to find it.


More information about the krbdev mailing list