mirror of
https://github.com/samba-team/samba.git
synced 2024-12-24 21:34:56 +03:00
heimdal: Fix CID 240793 Uninitialized scalar variable
tmp.data is uninitialized in the fwrite call Hopefully I don't create a problem here: If tmp.data is supposed to be randomly set, I think the right fix would have been to explicitly call a random function initializing it. <jra@samba.org> ------------------------------------------------------------ I have looked through the code carefully. Your fix is safe. The first entry in the replay file created in krb5_rc_initialize() is only used to store the 'krb5_deltat auth_lifespan' value, the associated data[16] value is never looked at. (Look at the code in krb5_rc_store() and krb5_rc_get_lifespan() to confirm). Only subsequent data[16] values are checked with memcmp. ------------------------------------------------------------ Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
This commit is contained in:
parent
3876e59826
commit
4ae2266015
@ -129,7 +129,7 @@ krb5_rc_initialize(krb5_context context,
|
||||
krb5_deltat auth_lifespan)
|
||||
{
|
||||
FILE *f = fopen(id->name, "w");
|
||||
struct rc_entry tmp;
|
||||
struct rc_entry tmp = { .stamp = auth_lifespan };
|
||||
int ret;
|
||||
|
||||
if(f == NULL) {
|
||||
@ -139,7 +139,6 @@ krb5_rc_initialize(krb5_context context,
|
||||
krb5_set_error_message(context, ret, "open(%s): %s", id->name, buf);
|
||||
return ret;
|
||||
}
|
||||
tmp.stamp = auth_lifespan;
|
||||
fwrite(&tmp, 1, sizeof(tmp), f);
|
||||
fclose(f);
|
||||
return 0;
|
||||
|
Loading…
Reference in New Issue
Block a user