Catch more strtol() failures when using KEYRINGs

- check more thorougly for errors when resolving KEYRING ccache names of type
  "persistent", which should only have a numeric UID as the next part of the
  name (#1029110)

1 files changed, 35 insertions, 0 deletions

diff --git a/krb5-keyring-strtol.patch b/krb5-keyring-strtol.patch
new file mode 100644
index 0000000..8d6d047
--- /dev/null
+++ b/krb5-keyring-strtol.patch
@@ -0,0 +1,35 @@
+commit ffbb8f2fdd54c9d458dc84b544ac29eb3272bd2d
+Author: Nalin Dahyabhai <nalin@dahyabhai.net>
+Date:   Mon Nov 11 13:10:08 2013 -0500
+
+    Catch more strtol() failures when using KEYRINGs
+    
+    When parsing what should be a UID while resolving a KEYRING ccache name,
+    don't just depend on strtol() to set errno when the residual that we
+    pass to it can't be parsed as a number.  In addition to checking errno,
+    pass in and check the value of an "endptr".
+
+diff --git a/src/lib/krb5/ccache/cc_keyring.c b/src/lib/krb5/ccache/cc_keyring.c
+index 795ccd6..b1fc397 100644
+--- a/src/lib/krb5/ccache/cc_keyring.c
++++ b/src/lib/krb5/ccache/cc_keyring.c
+@@ -593,7 +593,7 @@ get_collection(const char *anchor_name, const char *collection_name,
+ {
+     krb5_error_code ret;
+     key_serial_t persistent_id, anchor_id, possess_id = 0;
+-    char *ckname;
++    char *ckname, *cnend = NULL;
+     long uidnum;
+ 
+     *collection_id_out = 0;
+@@ -607,8 +607,8 @@ get_collection(const char *anchor_name, const char *collection_name,
+          */
+         if (*collection_name != '\0') {
+             errno = 0;
+-            uidnum = strtol(collection_name, NULL, 10);
+-            if (errno)
++            uidnum = strtol(collection_name, &cnend, 10);
++            if (errno || cnend == NULL || *cnend != '\0')
+                 return KRB5_KCC_INVALID_UID;
+         } else {
+             uidnum = geteuid();