diff options
| author | Ezra Peisach <epeisach@mit.edu> | 1995-06-07 00:40:44 +0000 |
|---|---|---|
| committer | Ezra Peisach <epeisach@mit.edu> | 1995-06-07 00:40:44 +0000 |
| commit | b093eb3abf01697d364720738db2a0f81104b184 (patch) | |
| tree | 63dd36deece9a38f8266e5dcb5f956daaf7eb562 /src/kadmin/v5server | |
| parent | ec87f3861690a79d9dcce1f72eef7d8444cc9997 (diff) | |
| download | krb5-b093eb3abf01697d364720738db2a0f81104b184.tar.gz krb5-b093eb3abf01697d364720738db2a0f81104b184.tar.xz krb5-b093eb3abf01697d364720738db2a0f81104b184.zip | |
(key_decrypt_keys): On error, when clearing keyblocks, set contents to null.
(key_get_admin_entry): Allocate enough memory for admin_princ_name.
Initialize akey and pkey to zero.
Cannot use krb5_free_keyblock on stack based keyblock.
(key_finish): Cannot use krb5_free_keyblock on bss based keyblock.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@5960 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src/kadmin/v5server')
| -rw-r--r-- | src/kadmin/v5server/ChangeLog | 11 | ||||
| -rw-r--r-- | src/kadmin/v5server/srv_key.c | 20 |
2 files changed, 26 insertions, 5 deletions
diff --git a/src/kadmin/v5server/ChangeLog b/src/kadmin/v5server/ChangeLog index d357a39b4..afb7aa2b3 100644 --- a/src/kadmin/v5server/ChangeLog +++ b/src/kadmin/v5server/ChangeLog @@ -1,3 +1,14 @@ +Tue Jun 6 19:42:18 1995 Ezra Peisach <epeisach@kangaroo.mit.edu> + + * srv_key.c (key_decrypt_keys): On error, when clearing keyblocks, + set contents to null. + (key_get_admin_entry): Allocate enough memory for + admin_princ_name. + Initialize akey and pkey to zero. + Cannot use krb5_free_keyblock on stack + based keyblock. + (key_finish): Cannot use krb5_free_keyblock on bss based + keyblock. Mon Jun 5 14:14:10 EDT 1995 Paul Park (pjpark@mit.edu) * srv_key.c(key_get_admin_entry) - When adding database entry for diff --git a/src/kadmin/v5server/srv_key.c b/src/kadmin/v5server/srv_key.c index 8dba7c375..768b55b9d 100644 --- a/src/kadmin/v5server/srv_key.c +++ b/src/kadmin/v5server/srv_key.c @@ -108,12 +108,15 @@ key_get_admin_entry(kcontext) DPRINT(DEBUG_CALLS, key_debug_level, ("* key_get_admin_entry()\n")); kret = ENOMEM; realm_name = key_master_realm(); + + memset((char *) &akey, 0, sizeof(akey)); + memset((char *) &pkey, 0, sizeof(pkey)); /* * The admin principal format is: * <admin-service-name>/<realm>@<realm> */ admin_princ_name = (char *) malloc((size_t) - ((2*strlen(realm_name)) + 2 + + ((2*strlen(realm_name)) + 3 + strlen(KRB5_ADM_SERVICE_NAME))); if (admin_princ_name) { /* Format the admin name */ @@ -155,8 +158,11 @@ key_get_admin_entry(kcontext) memcpy((char *) &madmin_key, (char *) &pkey, sizeof(pkey)); - if (akey.contents) - krb5_free_keyblock(kcontext, &akey); + if (akey.contents) { + memset((char *) &akey.contents, 0, + (size_t) akey.length); + krb5_xfree(akey.contents); + } madmin_key_init = 1; } else { @@ -510,7 +516,8 @@ key_init(kcontext, debug_level, enc_type, key_type, master_key_name, manual, mkeytab_init = 0; } if (madmin_key_init) { - krb5_free_keyblock(kcontext, &madmin_key); + memset((char *)madmin_key.contents, 0, madmin_key.length); + krb5_xfree(madmin_key.contents); madmin_key_init = 0; } } @@ -561,7 +568,8 @@ key_finish(kcontext, debug_level) mkeytab_init = 0; } if (madmin_key_init) { - krb5_free_keyblock(kcontext, &madmin_key); + memset((char *)madmin_key.contents, 0, madmin_key.length); + krb5_xfree(madmin_key.contents); madmin_key_init = 0; } krb5_db_fini(kcontext); @@ -772,11 +780,13 @@ key_decrypt_keys(kcontext, principal, eprimary, ealternate, primary, alternate) if (primary->contents) { memset((char *) primary->contents, 0, (size_t) primary->length); krb5_xfree(primary->contents); + primary->contents = 0; } if (alternate->contents) { memset((char *) alternate->contents, 0, (size_t) alternate->length); krb5_xfree(alternate->contents); + alternate->contents = 0; } } DPRINT(DEBUG_CALLS, key_debug_level, |