diff options
author | Ben Kaduk <kaduk@mit.edu> | 2014-11-20 15:44:04 -0500 |
---|---|---|
committer | Ben Kaduk <kaduk@mit.edu> | 2014-11-20 15:44:04 -0500 |
commit | c828e7cb137de3559f026dcc552a52162d9ca5cd (patch) | |
tree | 47031346700dc64d526537ff5766ce400ab8d6db | |
parent | 3eeb1a7eaa6757502d73944b7694405cdd571e1c (diff) | |
download | krb5-c828e7cb137de3559f026dcc552a52162d9ca5cd.tar.gz krb5-c828e7cb137de3559f026dcc552a52162d9ca5cd.tar.xz krb5-c828e7cb137de3559f026dcc552a52162d9ca5cd.zip |
Avoid infinite loop on duplicate keysalts
When duplicate suppression was requested, we would enter an
infinite loop upon encountering a duplicate entry, a bug
introduced in commit 0918990bf1d8560d74473fc0e41d08d433da1a15
and thus present in release 1.13.
Rework the conditional to avoid the loop, at the expense of
additional indentation for some of the code.
Ticket: 8038
tags: pullup
target_version: 1.13.1
-rw-r--r-- | src/lib/kadm5/str_conv.c | 21 |
1 files changed, 10 insertions, 11 deletions
diff --git a/src/lib/kadm5/str_conv.c b/src/lib/kadm5/str_conv.c index 216b580bd..c28a1e932 100644 --- a/src/lib/kadm5/str_conv.c +++ b/src/lib/kadm5/str_conv.c @@ -300,18 +300,17 @@ krb5_string_to_keysalts(const char *string, const char *tupleseps, goto cleanup; /* Ignore duplicate keysalts if caller asks. */ - if (!dups && krb5_keysalt_is_present(ksalts, nksalts, etype, stype)) - continue; - - ksalts_new = realloc(ksalts, (nksalts + 1) * sizeof(*ksalts)); - if (ksalts_new == NULL) { - ret = ENOMEM; - goto cleanup; + if (dups || !krb5_keysalt_is_present(ksalts, nksalts, etype, stype)) { + ksalts_new = realloc(ksalts, (nksalts + 1) * sizeof(*ksalts)); + if (ksalts_new == NULL) { + ret = ENOMEM; + goto cleanup; + } + ksalts = ksalts_new; + ksalts[nksalts].ks_enctype = etype; + ksalts[nksalts].ks_salttype = stype; + nksalts++; } - ksalts = ksalts_new; - ksalts[nksalts].ks_enctype = etype; - ksalts[nksalts].ks_salttype = stype; - nksalts++; ksp = strtok_r(NULL, tseps, &tlasts); } *ksaltp = ksalts; |