diff options
author | Nalin Dahyabhai <nalin@dahyabhai.net> | 2013-11-11 13:10:08 -0500 |
---|---|---|
committer | Greg Hudson <ghudson@mit.edu> | 2013-11-12 11:13:51 -0500 |
commit | 5ac159e220297a8f62dd5edcec6f9b988b0627ea (patch) | |
tree | 5fbbddd5804e475f03eb9d16d857150eebf5dde8 | |
parent | 689d769c10c53bd4fa40e82421c89b96cc86cbae (diff) | |
download | krb5-5ac159e220297a8f62dd5edcec6f9b988b0627ea.tar.gz krb5-5ac159e220297a8f62dd5edcec6f9b988b0627ea.tar.xz krb5-5ac159e220297a8f62dd5edcec6f9b988b0627ea.zip |
Catch more strtol() failures when using KEYRINGs
When parsing what should be a UID while resolving a KEYRING ccache
name, don't just depend on strtol() to set errno when the residual
that we pass to it can't be parsed as a number. In addition to
checking errno, pass in and check the value of an "endptr".
[ghudson@mit.edu: simplified slightly]
ticket: 7764 (new)
target_version: 1.12
tags: pullup
-rw-r--r-- | src/lib/krb5/ccache/cc_keyring.c | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/src/lib/krb5/ccache/cc_keyring.c b/src/lib/krb5/ccache/cc_keyring.c index 795ccd63c..a07a0dc50 100644 --- a/src/lib/krb5/ccache/cc_keyring.c +++ b/src/lib/krb5/ccache/cc_keyring.c @@ -593,7 +593,7 @@ get_collection(const char *anchor_name, const char *collection_name, { krb5_error_code ret; key_serial_t persistent_id, anchor_id, possess_id = 0; - char *ckname; + char *ckname, *cnend; long uidnum; *collection_id_out = 0; @@ -607,8 +607,8 @@ get_collection(const char *anchor_name, const char *collection_name, */ if (*collection_name != '\0') { errno = 0; - uidnum = strtol(collection_name, NULL, 10); - if (errno) + uidnum = strtol(collection_name, &cnend, 10); + if (errno || *cnend != '\0') return KRB5_KCC_INVALID_UID; } else { uidnum = geteuid(); |