[Bug 1066] off-by-one error with GSSAPI names

bugzilla-daemon at mindrot.org bugzilla-daemon at mindrot.org
Tue Aug 30 20:58:53 EST 2005


------- Additional Comments From dleonard at vintela.com  2005-08-30 20:58 -------
(In reply to comment #4)
> However, in the case of import_name, all of the GSSAPI implementations I have
> source for then take the buffer, malloc a string 1 character longer, and stick a
> NULL back on the end. I can't see anyway in which already having the string NULL
> terminated would cause the problems that David's describing.

You are right; the symptom I am seeing actually came back after this fix, and I
am still trying to track it down. (It was an extra '0' or '@' after the realm
name, but realm referrals are happening.. it is possibly somewhere beneath the
gssapi interface.)

I am using a gss impl derived from heimdal, and you're right; it does exactly
the malloc you spoke of. so my analysis was wrong. this is likely a benign bug.

------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

More information about the openssh-bugs mailing list