svn commit: samba r2057 - branches/SAMBA_3_0/source branches/SAMBA_3_0/source/libsmb trunk/source trunk/source/libsmb

Love lha at stacken.kth.se
Tue Aug 31 10:53:08 GMT 2004 

gd at samba.org writes:

> Author: gd
> Date: 2004-08-25 07:52:23 +0000 (Wed, 25 Aug 2004)
> New Revision: 2057
>
> WebSVN: http://websvn.samba.org/websvn/changeset.php?rep=samba&path=/&rev=2057&nolog=1
>
> Log:
> Although rarely used, prevent "net lookup kdc" from segfaulting when
> using our own implementation of krb5_lookup_kdc with heimdal. Also,
> heimdals krb5_krbhst_next() obviously does not retrieve the struct
> addrinfo in the krb5_krbhst_info-struct, using
> krb5_krbhst_get_addrinfo() instead.

This can't be right. Passing in random value on the stack to
krb5_krbhost_get_addrinfo will derefrence and set to the ai should be a
good recipe for later disaster.

I changed the return to a continue since failing to resolve one host
shouldn't make the whole operation fail, right ?

Also, the code should look over all ai's in the hostinfo, just not the
first one (that will be a ipv6 address on all kame/isc derived resolver
libs).

Love

Index: libcli/auth/clikrb5.c
===================================================================
--- libcli/auth/clikrb5.c	(revision 2124)
+++ libcli/auth/clikrb5.c	(working copy)
@@ -181,7 +181,7 @@
 	krb5_error_code rc;
 	int num_kdcs, i;
 	struct sockaddr *sa;
-	struct addrinfo **ai;
+	struct addrinfo *ai;
 
 	*addr_pp = NULL;
 	*naddrs = 0;
@@ -217,10 +217,10 @@
 	for (i = 0; i < num_kdcs && (rc = krb5_krbhst_next(ctx, hnd, &hinfo) == 0); i++) {
 
 #if defined(HAVE_KRB5_KRBHST_GET_ADDRINFO)
-		rc = krb5_krbhst_get_addrinfo(ctx, hinfo, ai);
+		rc = krb5_krbhst_get_addrinfo(ctx, hinfo, &ai);
 		if (rc) {
 			DEBUG(0,("krb5_krbhst_get_addrinfo failed: %s\n", error_message(rc)));
-			return rc;
+			continue;
 		}
 #endif
 		if (hinfo->ai && hinfo->ai->ai_family == AF_INET) 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 823 bytes
Desc: not available
Url : http://lists.samba.org/archive/samba-technical/attachments/20040831/1692cc09/attachment.bin

More information about the samba-technical mailing list