oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

tgs_build_reply: fix signed-unsigned mismatch

Browse Source 
A KVNO is unsigned and this is reflected in the internal
interfaces. However, for compatibility reasons its encoding
is signed and this creates a pointer mismatch when passing a
kvno pointer to _kdc_db_fetch.

Signed-off-by: Uri Simchoni <uri@samba.org>
This commit is contained in:
Uri Simchoni
2016-05-08 07:58:11 +03:00
parent 1017a594ef
commit f227586b80
1 changed files with 7 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
kdc/krb5tgs.c
View File

@@ -1572,6 +1572,8 @@ tgs_build_reply(krb5_context context,
hdb_entry_ex *uu; hdb_entry_ex *uu;
krb5_principal p; krb5_principal p;
Key *uukey; Key *uukey;
krb5uint32 second_kvno = 0;
krb5uint32 *kvno_ptr = NULL;
if(b->additional_tickets == NULL || if(b->additional_tickets == NULL ||
b->additional_tickets->len == 0){ b->additional_tickets->len == 0){
@@ -1588,8 +1590,12 @@ tgs_build_reply(krb5_context context,
goto out; goto out;
} }
_krb5_principalname2krb5_principal(context, &p, t->sname, t->realm); _krb5_principalname2krb5_principal(context, &p, t->sname, t->realm);
if(t->enc_part.kvno){
second_kvno = *t->enc_part.kvno;
kvno_ptr = &second_kvno;
}
ret = _kdc_db_fetch(context, config, p, ret = _kdc_db_fetch(context, config, p,
HDB_F_GET_KRBTGT, t->enc_part.kvno, HDB_F_GET_KRBTGT, kvno_ptr,
NULL, &uu); NULL, &uu);
krb5_free_principal(context, p); krb5_free_principal(context, p);
if(ret){ if(ret){