[Bug 512271] [NEW] kinit crash

[Sam Hartman]

Hi.  This is probably fixed in krb5 1.8+dfsg~alpha1-5, currently in
Debian unstable.
(There's a bug in that free routine that has been fixed.  Without
libkrb5-dbg installed when the trace is taken, I cannot tell whether
the bug is identical)

Someone on the Ubuntu side could request a sync for unstable or simply
wait for this to hit testing and do an automatic sync.

Attached is the Debian patch for this issue:
commit 2a663b1c184ec10a450b2709bb7525447bb99bac
Author: Sam Hartman <hartmans at debian.org>
Date:   Fri Jan 22 17:13:51 2010 -0500

    subject: krb5int_fast_free_state segfaults if state is null
    ticket: new
    target_version: 1.8
    tags: pullup
    
    krb5int_fast_free_state fails if state is null.  INstead it should
    simply return Reorganization of the get_init_creds logic has created
    situations where the init_creds loop can fail between the time when
    the context is initialized and the fast state is initialized.

diff --git a/src/lib/krb5/krb/fast.c b/src/lib/krb5/krb/fast.c
index 2ebbdcf..1ff2d67 100644
--- a/src/lib/krb5/krb/fast.c
+++ b/src/lib/krb5/krb/fast.c
@@ -533,6 +533,8 @@ krb5int_fast_make_state( krb5_context context, struct krb5int_fast_request_state
 void
 krb5int_fast_free_state( krb5_context context, struct krb5int_fast_request_state *state)
 {
+    if (state == NULL)
+        return;
     /*We are responsible for none of the store in the fast_outer_req*/
     krb5_free_keyblock(context, state->armor_key);
     krb5_free_fast_armor(context, state->armor);

-- 
kinit crash
https://bugs.launchpad.net/bugs/512271
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to krb5 in ubuntu.