oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

Fix some uninitialized memory accesses.

Browse Source 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@2891 ec53bebd-3082-4978-b11e-865c3cabbd6b
This commit is contained in:
Johan Danielsson
1997-08-11 01:42:21 +00:00
parent bf3dfbb407
commit 111a4dbdad
1 changed files with 30 additions and 30 deletions
Download Patch File Download Diff File Expand all files Collapse all files

60
kdc/kerberos5.c
View File

@@ -901,18 +901,20 @@ tgs_rep2(KDC_REQ_BODY *b,
Key *ekey; Key *ekey;
krb5_principal cp = NULL; krb5_principal cp = NULL;
char *spn = NULL, *cpn = NULL;
ret = krb5_decode_ap_req(context, &pa_data->padata_value, &ap_req); ret = krb5_decode_ap_req(context, &pa_data->padata_value, &ap_req);
if(ret){ if(ret){
kdc_log(0, "Failed to decode AP-REQ: %s", kdc_log(0, "Failed to decode AP-REQ: %s",
krb5_get_err_text(context, ret)); krb5_get_err_text(context, ret));
goto out; goto out2;
} }
if(ap_req.ticket.sname.name_string.len != 2 || if(ap_req.ticket.sname.name_string.len != 2 ||
strcmp(ap_req.ticket.sname.name_string.val[0], "krbtgt")){ strcmp(ap_req.ticket.sname.name_string.val[0], "krbtgt")){
kdc_log(0, "PA-DATA is not a ticket-granting ticket"); kdc_log(0, "PA-DATA is not a ticket-granting ticket");
ret = KRB5KDC_ERR_POLICY; /* ? */ ret = KRB5KDC_ERR_POLICY; /* ? */
goto out; goto out2;
} }
principalname2krb5_principal(&princ, principalname2krb5_principal(&princ,
@@ -924,11 +926,10 @@ tgs_rep2(KDC_REQ_BODY *b,
if(krbtgt == NULL) { if(krbtgt == NULL) {
char *p; char *p;
krb5_unparse_name(context, princ, &p); krb5_unparse_name(context, princ, &p);
kdc_log(0, "Ticket-granting ticket not found in database: %s", kdc_log(0, "Ticket-granting ticket not found in database: %s", p);
p);
free(p); free(p);
ret = KRB5KRB_AP_ERR_NOT_US; ret = KRB5KRB_AP_ERR_NOT_US;
goto out; goto out2;
} }
ekey = unseal_key(&krbtgt->keys.val[0]); /* XXX */ ekey = unseal_key(&krbtgt->keys.val[0]); /* XXX */
@@ -945,7 +946,7 @@ tgs_rep2(KDC_REQ_BODY *b,
if(ret) { if(ret) {
kdc_log(0, "Failed to verify AP-REQ: %s", kdc_log(0, "Failed to verify AP-REQ: %s",
krb5_get_err_text(context, ret)); krb5_get_err_text(context, ret));
goto out; goto out2;
} }
tgt = &ticket->ticket; tgt = &ticket->ticket;
@@ -957,14 +958,13 @@ tgs_rep2(KDC_REQ_BODY *b,
if(ret){ if(ret){
kdc_log(0, "Failed to verify authenticator: %s", kdc_log(0, "Failed to verify authenticator: %s",
krb5_get_err_text(context, ret)); krb5_get_err_text(context, ret));
goto out; goto out2;
} }
{ {
PrincipalName *s; PrincipalName *s;
Realm r; Realm r;
char *spn, *cpn; hdb_entry *server = NULL, *client = NULL;
hdb_entry *server, *client;
s = b->sname; s = b->sname;
r = b->realm; r = b->realm;
@@ -1026,30 +1026,11 @@ tgs_rep2(KDC_REQ_BODY *b,
ret = tgs_make_reply(b, tgt, server, client, reply); ret = tgs_make_reply(b, tgt, server, client, reply);
out: out:
if(ret)
krb5_mk_error(context,
ret,
e_text,
NULL,
cp,
sp,
0,
reply);
if (ticket) {
krb5_free_ticket(context, ticket);
free(ticket);
}
free_AP_REQ(&ap_req); free_AP_REQ(&ap_req);
free(spn); free(spn);
krb5_free_principal(context, cp); krb5_free_principal(context, cp);
free(cpn); free(cpn);
if(krbtgt){
hdb_free_entry(context, krbtgt);
free(krbtgt);
}
if(server){ if(server){
hdb_free_entry(context, server); hdb_free_entry(context, server);
free(server); free(server);
@@ -1058,9 +1039,28 @@ tgs_rep2(KDC_REQ_BODY *b,
hdb_free_entry(context, client); hdb_free_entry(context, client);
free(client); free(client);
} }
return ret;
} }
out2:
if(ret)
krb5_mk_error(context,
ret,
e_text,
NULL,
cp,
sp,
0,
reply);
if (ticket) {
krb5_free_ticket(context, ticket);
free(ticket);
}
if(krbtgt){
hdb_free_entry(context, krbtgt);
free(krbtgt);
}
return ret;
} }
static krb5_error_code static krb5_error_code