diff options
| author | gibbs <gibbs@FreeBSD.org> | 1995-09-17 00:39:00 +0000 |
|---|---|---|
| committer | gibbs <gibbs@FreeBSD.org> | 1995-09-17 00:39:00 +0000 |
| commit | de534c054e8d7e4712bba5dba2d397e52088feaf (patch) | |
| tree | 55e5e6be3dc56885bd42322c0e841a0fa0b8ba48 /eBones | |
| parent | 93d4d9f3bca2515872fd5a07d15523e3f2d67068 (diff) | |
| download | FreeBSD-src-de534c054e8d7e4712bba5dba2d397e52088feaf.zip FreeBSD-src-de534c054e8d7e4712bba5dba2d397e52088feaf.tar.gz | |
The problem. If the first request to kerberos is not a ticket
request, it cores due to using the unitialized global req_name_ptr
pointer. -Wall does not reveal this.
Repeat by having an old valid ticket and start kerberos. rsh to
a non-realm system.
Also intialize lifetime to DEFAULT_TKT_LIFE and kerno to KSUCCESS since
they can be refernced before being initialized.
Submitted by: John Capo <jc@irbs.com>
Diffstat (limited to 'eBones')
| -rw-r--r-- | eBones/usr.sbin/kerberos/kerberos.c | 27 |
1 files changed, 13 insertions, 14 deletions
diff --git a/eBones/usr.sbin/kerberos/kerberos.c b/eBones/usr.sbin/kerberos/kerberos.c index 236bbbd..a15475d 100644 --- a/eBones/usr.sbin/kerberos/kerberos.c +++ b/eBones/usr.sbin/kerberos/kerberos.c @@ -5,13 +5,13 @@ * <Copyright.MIT>. * * from: kerberos.c,v 4.19 89/11/01 17:18:07 qjb Exp $ - * $Id: kerberos.c,v 1.4 1995/07/18 16:37:51 mark Exp $ + * $Id: kerberos.c,v 1.4 1995/09/07 21:37:27 markm Exp $ */ #if 0 #ifndef lint static char rcsid[] = -"$Id: kerberos.c,v 1.4 1995/07/18 16:37:51 mark Exp $"; +"$Id: kerberos.c,v 1.4 1995/09/07 21:37:27 markm Exp $"; #endif lint #endif @@ -341,7 +341,6 @@ kerberos(client, pkt) static struct in_addr client_host; static int msg_byte_order; - static int swap_bytes; static u_char k_flags; u_long lifetime; int i; @@ -351,6 +350,8 @@ kerberos(client, pkt) + lifetime = DEFAULT_TKT_LIFE; + ciph->length = 0; client_host = client->sin_addr; @@ -370,11 +371,17 @@ kerberos(client, pkt) kerb_err_reply(client, pkt, KERB_ERR_PKT_VER, lt); return; } + + /* set up and correct for byte order and alignment */ + req_name_ptr = (char *) pkt_a_name(pkt); + req_inst_ptr = (char *) pkt_a_inst(pkt); + req_realm_ptr = (char *) pkt_a_realm(pkt); + bcopy(pkt_time_ws(pkt), &req_time_ws, sizeof(req_time_ws)); + msg_byte_order = req_msg_type & 1; - swap_bytes = 0; if (msg_byte_order != HOST_BYTE_ORDER) { - swap_bytes++; + swap_u_long(req_time_ws) } klog(L_KRB_PINFO, "Prot version: %d, Byte order: %d, Message type: %d", @@ -392,15 +399,6 @@ kerberos(client, pkt) k_flags = 0; /* various kerberos flags */ - /* set up and correct for byte order and alignment */ - req_name_ptr = (char *) pkt_a_name(pkt); - req_inst_ptr = (char *) pkt_a_inst(pkt); - req_realm_ptr = (char *) pkt_a_realm(pkt); - bcopy(pkt_time_ws(pkt), &req_time_ws, sizeof(req_time_ws)); - /* time has to be diddled */ - if (swap_bytes) { - swap_u_long(req_time_ws); - } ptr = (char *) pkt_time_ws(pkt) + 4; req_life = (u_long) (*ptr++); @@ -497,6 +495,7 @@ kerberos(client, pkt) n_appl_req++; tk->length = 0; k_flags = 0; /* various kerberos flags */ + kerno = KSUCCESS; auth->length = 4 + strlen(pkt->dat + 3); auth->length += (int) *(pkt->dat + auth->length) + |
