Fix bug in loading MIT dumps
This commit is contained in:
Nicolas Williams
@@ -1139,6 +1139,8 @@ unless no extra data
|
|||||||
|
|
||||||
*/
|
*/
|
||||||
|
|
||||||
|
#if 0
|
||||||
|
/* Why ever did we loop? */
|
||||||
static char *
|
static char *
|
||||||
nexttoken(char **p)
|
nexttoken(char **p)
|
||||||
{
|
{
|
||||||
@@ -1148,13 +1150,30 @@ nexttoken(char **p)
|
|||||||
} while(q && *q == '\0');
|
} while(q && *q == '\0');
|
||||||
return q;
|
return q;
|
||||||
}
|
}
|
||||||
|
#endif
|
||||||
|
|
||||||
|
static char *
|
||||||
|
nexttoken(char **p, size_t len)
|
||||||
|
{
|
||||||
|
char *q;
|
||||||
|
|
||||||
|
if (*p == NULL)
|
||||||
|
return NULL;
|
||||||
|
|
||||||
|
q = *p;
|
||||||
|
*p += len;
|
||||||
|
/* Must be followed by a delimiter (right?) */
|
||||||
|
if (strsep(p, " \t") != q + len)
|
||||||
|
return NULL;
|
||||||
|
return q;
|
||||||
|
}
|
||||||
|
|
||||||
static size_t
|
static size_t
|
||||||
getdata(char **p, unsigned char *buf, size_t len)
|
getdata(char **p, unsigned char *buf, size_t len)
|
||||||
{
|
{
|
||||||
size_t i;
|
size_t i;
|
||||||
int v;
|
int v;
|
||||||
char *q = nexttoken(p);
|
char *q = nexttoken(p, 0);
|
||||||
i = 0;
|
i = 0;
|
||||||
while(*q && i < len) {
|
while(*q && i < len) {
|
||||||
if(sscanf(q, "%02x", &v) != 1)
|
if(sscanf(q, "%02x", &v) != 1)
|
||||||
@@ -1169,7 +1188,7 @@ static int
|
|||||||
getint(char **p)
|
getint(char **p)
|
||||||
{
|
{
|
||||||
int val;
|
int val;
|
||||||
char *q = nexttoken(p);
|
char *q = nexttoken(p, 0);
|
||||||
if (!q)
|
if (!q)
|
||||||
return -1;
|
return -1;
|
||||||
sscanf(q, "%d", &val);
|
sscanf(q, "%d", &val);
|
||||||
@@ -1180,7 +1199,7 @@ static unsigned int
|
|||||||
getuint(char **p)
|
getuint(char **p)
|
||||||
{
|
{
|
||||||
int val;
|
int val;
|
||||||
char *q = nexttoken(p);
|
char *q = nexttoken(p, 0);
|
||||||
if (!q)
|
if (!q)
|
||||||
return 0;
|
return 0;
|
||||||
sscanf(q, "%u", &val);
|
sscanf(q, "%u", &val);
|
||||||
@@ -1227,7 +1246,7 @@ _hdb_mit_dump2mitdb_entry(krb5_context context, char *line, krb5_storage *sp)
|
|||||||
|
|
||||||
krb5_storage_set_byteorder(sp, KRB5_STORAGE_BYTEORDER_LE);
|
krb5_storage_set_byteorder(sp, KRB5_STORAGE_BYTEORDER_LE);
|
||||||
|
|
||||||
q = nexttoken(&p);
|
q = nexttoken(&p, 0);
|
||||||
if (strcmp(q, "kdb5_util") == 0 || strcmp(q, "policy") == 0 ||
|
if (strcmp(q, "kdb5_util") == 0 || strcmp(q, "policy") == 0 ||
|
||||||
strcmp(q, "princ") != 0) {
|
strcmp(q, "princ") != 0) {
|
||||||
return -1;
|
return -1;
|
||||||
@@ -1238,11 +1257,12 @@ _hdb_mit_dump2mitdb_entry(krb5_context context, char *line, krb5_storage *sp)
|
|||||||
ret = krb5_store_int16(sp, KDB_V1_BASE_LENGTH);
|
ret = krb5_store_int16(sp, KDB_V1_BASE_LENGTH);
|
||||||
if (ret) return ret;
|
if (ret) return ret;
|
||||||
|
|
||||||
nexttoken(&p); /* length of principal */
|
princ_len = getuint(&p); /* length of principal */
|
||||||
|
if (princ_len > (1<<15) - 1) return EINVAL;
|
||||||
num_tl_data = getuint(&p); /* number of tl-data */
|
num_tl_data = getuint(&p); /* number of tl-data */
|
||||||
num_key_data = getuint(&p); /* number of key-data */
|
num_key_data = getuint(&p); /* number of key-data */
|
||||||
getint(&p); /* length of extra data */
|
getint(&p); /* length of extra data */
|
||||||
princ = nexttoken(&p); /* principal name */
|
princ = nexttoken(&p, (int)princ_len); /* principal name */
|
||||||
|
|
||||||
attributes = getuint(&p); /* attributes */
|
attributes = getuint(&p); /* attributes */
|
||||||
ret = krb5_store_uint32(sp, attributes);
|
ret = krb5_store_uint32(sp, attributes);
|
||||||
@@ -1295,7 +1315,6 @@ _hdb_mit_dump2mitdb_entry(krb5_context context, char *line, krb5_storage *sp)
|
|||||||
|
|
||||||
/* add principal unparsed name length and unparsed name */
|
/* add principal unparsed name length and unparsed name */
|
||||||
princ_len = strlen(princ);
|
princ_len = strlen(princ);
|
||||||
if (princ_len > (1<<15) - 1) return EINVAL;
|
|
||||||
princ_len++; /* must count and write the NUL in the on-disk encoding */
|
princ_len++; /* must count and write the NUL in the on-disk encoding */
|
||||||
ret = krb5_store_uint16(sp, princ_len);
|
ret = krb5_store_uint16(sp, princ_len);
|
||||||
if (ret) return ret;
|
if (ret) return ret;
|
||||||
@@ -1325,7 +1344,7 @@ _hdb_mit_dump2mitdb_entry(krb5_context context, char *line, krb5_storage *sp)
|
|||||||
free(buf);
|
free(buf);
|
||||||
if (sz == -1) return ENOMEM;
|
if (sz == -1) return ENOMEM;
|
||||||
} else {
|
} else {
|
||||||
if (strcmp(nexttoken(&p), "-1") != 0) return EINVAL;
|
if (strcmp(nexttoken(&p, 0), "-1") != 0) return EINVAL;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -1366,7 +1385,7 @@ _hdb_mit_dump2mitdb_entry(krb5_context context, char *line, krb5_storage *sp)
|
|||||||
free(buf);
|
free(buf);
|
||||||
if (sz == -1) return ENOMEM;
|
if (sz == -1) return ENOMEM;
|
||||||
} else {
|
} else {
|
||||||
if (strcmp(nexttoken(&p), "-1") != 0) return EINVAL;
|
if (strcmp(nexttoken(&p, 0), "-1") != 0) return EINVAL;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@@ -1374,7 +1393,7 @@ _hdb_mit_dump2mitdb_entry(krb5_context context, char *line, krb5_storage *sp)
|
|||||||
* The rest is "extra data", but there's never any and we wouldn't
|
* The rest is "extra data", but there's never any and we wouldn't
|
||||||
* know what to do with it.
|
* know what to do with it.
|
||||||
*/
|
*/
|
||||||
/* nexttoken(&p); */
|
/* nexttoken(&p, 0); */
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
Reference in New Issue
Block a user