author | Jeffrey Altman <jaltman@secure-endpoints.com> | 2007-05-02 01:31:50 +0000 |
---|---|---|
committer | Jeffrey Altman <jaltman@secure-endpoints.com> | 2007-05-02 01:31:50 +0000 |
commit | c1c4cf131c792c9a40213c38ae785426df430445 (patch) | |
tree | 88a3354da84197e56b00d91148347a53fb21c65c /src | |
parent | 49f4a6eb0d473ea6cc866bb8f7f17d2911aadcbb (diff) | |
k5-int.h, gic_opt.c
The krb5_get_init_creds_password() and krb5_get_init_creds_keytab()
functions permit the gic_opts parameter to be NULL. This is not
taken into account when testing the value with the macros
krb5_gic_opt_is_extended() and krb5_gic_opt_is_shadowed().
Nor is it taken into account within krb5int_gic_opte_copy() which
is called by krb5int_gic_opt_to_opte() when the input parameter is
not a krb5_gic_opt_ext structure.
This commit makes two changes:
(1) it modifies the macros to ensure that the value is non-NULL
before evaluation.
(2) it modifies krb5int_gic_opte_copy() to avoid copying the
original values with memcpy() when the input is NULL.
In addition, the code was audited to ensure that the flag
KRB5_GET_INIT_CREDS_OPT_SHADOWED is properly set and that, when
it is set, the allocated krb5_gic_opt_ext structure is
freed by krb5_get_init_creds_password() and
krb5_get_init_creds_keytab().
ticket: 5552
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19537 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src')
-rw-r--r-- | src/include/k5-int.h | 4 | ||||
-rw-r--r-- | src/lib/krb5/krb/gic_opt.c | 14 |
2 files changed, 14 insertions, 4 deletions
diff --git a/src/include/k5-int.h b/src/include/k5-int.h
index 99b157921..98f106475 100644
--- a/src/include/k5-int.h
+++ b/src/include/k5-int.h
@@ -1048,9 +1048,9 @@ void krb5_free_etype_info
 #define KRB5_GET_INIT_CREDS_OPT_SHADOWED 0x40000000
 #define krb5_gic_opt_is_extended(s) \
- (((s)->flags & KRB5_GET_INIT_CREDS_OPT_EXTENDED) ? 1 : 0)
+ ((s) && ((s)->flags & KRB5_GET_INIT_CREDS_OPT_EXTENDED) ? 1 : 0)
 #define krb5_gic_opt_is_shadowed(s) \
- (((s)->flags & KRB5_GET_INIT_CREDS_OPT_SHADOWED) ? 1 : 0)
+ ((s) && ((s)->flags & KRB5_GET_INIT_CREDS_OPT_SHADOWED) ? 1 : 0)
 typedef struct _krb5_gic_opt_private {
diff --git a/src/lib/krb5/krb/gic_opt.c b/src/lib/krb5/krb/gic_opt.c
index bbf2eb286..9e9e4e882 100644
--- a/src/lib/krb5/krb/gic_opt.c
+++ b/src/lib/krb5/krb/gic_opt.c
@@ -206,8 +206,18 @@ krb5int_gic_opte_copy(krb5_context context,
 oe = krb5int_gic_opte_alloc(context);
 if (NULL == oe) return ENOMEM;
- memcpy(oe, opt, sizeof(*opt));
- /* Fix these -- overwritten by the copy */
+
+ if (opt)
+ memcpy(oe, opt, sizeof(*opt));
+
+ /*
+ * Fix the flags -- the EXTENDED flag would have been
+ * overwritten by the copy if there was one. The
+ * SHADOWED flag is necessary to ensure that the
+ * krb5_gic_opt_ext structure that was allocated
+ * here will be freed by the library because the
+ * application is unaware of its existence.
+ */
 oe->flags |= ( KRB5_GET_INIT_CREDS_OPT_EXTENDED | KRB5_GET_INIT_CREDS_OPT_SHADOWED); |
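Review bot: Both rewritten macros in k5-int.h now expand `(s)` twice, so an argument with side effects would be evaluated twice, and the result relies on `&&` binding tighter than `?:` with no parentheses to show it. Grouping the test explicitly, `(((s) && ((s)->flags & KRB5_GET_INIT_CREDS_OPT_EXTENDED)) ? 1 : 0)`, and likewise for krb5_gic_opt_is_shadowed, keeps the value unchanged and makes the intent obvious. A one-line comment above the pair, `/* s may be NULL; a NULL option block is neither extended nor shadowed */`, would record the contract the commit message describes.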
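Review bot: When opt is NULL the memcpy() in krb5int_gic_opte_copy() is skipped, so every field of oe, including the flags word that is then OR-ed with EXTENDED and SHADOWED, holds whatever krb5int_gic_opte_alloc() left there. That allocator is outside the hunk; if it does not zero or default-initialise the structure, the NULL path would hand back indeterminate option values, so this is worth confirming and stating next to the guard, for example `/* opt may be NULL: oe keeps the defaults from krb5int_gic_opte_alloc() */`. The new `if (opt)` also has an unbraced body directly ahead of a long comment; bracing it would protect against a later edit slipping a second statement under the condition. The function begins and ends outside the hunk, so the free path for the SHADOWED structure cannot be checked from here.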