Date: Wed, 28 Nov 2007 06:50:04 GMT From: Sean McNeil <sean@mcneil.com> To: freebsd-bugs@FreeBSD.org Subject: Re: kern/117349: [libgssapi] [patch] gss_acquire_cred can crash if _gss_mech_oids has not been initialized Message-ID: <200711280650.lAS6o40U063167@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
The following reply was made to PR kern/117349; it has been noted by GNATS. From: Sean McNeil <sean@mcneil.com> To: bug-followup@FreeBSD.org, nathanw@uchicago.edu Cc: Subject: Re: kern/117349: [libgssapi] [patch] gss_acquire_cred can crash if _gss_mech_oids has not been initialized Date: Tue, 27 Nov 2007 22:32:53 -0800 This is a multi-part message in MIME format. --------------070809070203010900060003 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit I have seen this exact issue with openldap 2.3 on HEAD/RELENG_7. Here is an alternative patch to resolve this issue: --- gss_acquire_cred.c.orig 2005-12-29 06:40:20.000000000 -0800 +++ gss_acquire_cred.c 2007-11-22 18:30:07.000000000 -0800 @@ -59,8 +59,8 @@ * First make sure that at least one of the requested * mechanisms is one that we support. */ + _gss_load_mech(); if (mechs) { - _gss_load_mech(); for (i = 0; i < mechs->count; i++) { int t; gss_test_oid_set_member(minor_status, @@ -74,6 +74,9 @@ return (GSS_S_BAD_MECH); } } + else + mechs = _gss_mech_oids; + if (actual_mechs) { major_status = gss_create_empty_oid_set(minor_status, @@ -92,9 +95,6 @@ cred->gc_usage = cred_usage; SLIST_INIT(&cred->gc_mc); - if (mechs == GSS_C_NO_OID_SET) - mechs = _gss_mech_oids; - set.count = 1; min_time = GSS_C_INDEFINITE; for (i = 0; i < mechs->count; i++) { --------------070809070203010900060003 Content-Type: text/x-patch; name="gss_acquire_cred.c.diff" Content-Transfer-Encoding: 7bit Content-Disposition: inline; filename="gss_acquire_cred.c.diff" --- gss_acquire_cred.c.orig 2005-12-29 06:40:20.000000000 -0800 +++ gss_acquire_cred.c 2007-11-22 18:30:07.000000000 -0800 @@ -59,8 +59,8 @@ * First make sure that at least one of the requested * mechanisms is one that we support. */ + _gss_load_mech(); if (mechs) { - _gss_load_mech(); for (i = 0; i < mechs->count; i++) { int t; gss_test_oid_set_member(minor_status, @@ -74,6 +74,9 @@ return (GSS_S_BAD_MECH); } } + else + mechs = _gss_mech_oids; + if (actual_mechs) { major_status = gss_create_empty_oid_set(minor_status, @@ -92,9 +95,6 @@ cred->gc_usage = cred_usage; SLIST_INIT(&cred->gc_mc); - if (mechs == GSS_C_NO_OID_SET) - mechs = _gss_mech_oids; - set.count = 1; min_time = GSS_C_INDEFINITE; for (i = 0; i < mechs->count; i++) { --------------070809070203010900060003--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200711280650.lAS6o40U063167>