Hi!
I've recently spent some time debugging an issue with subversion accessing a
repository using Kerberos authentication, and I found a bug in ne_auth.c. The
patch below fixes this. In essence, the code failed to check for a valid
function pointer before dereferencing it, ending up in execution off of a NULL
pointer.
Is this fix the correct thing to do? We see correct kerberos authentication
with this in place. Thanks!
diff -urN neon-0.26.3/src/ne_auth.c neon/src/ne_auth.c
--- neon-0.26.3/src/ne_auth.c 2007-01-22 11:12:23.000000000 -0500
+++ neon/src/ne_auth.c 2007-02-06 10:47:17.162832200 -0500
@@ -1211,7 +1211,7 @@
&& (sess->protocol->flags & AUTH_FLAG_VERIFY_NON40x) == 0) {
ret = sess->protocol->verify(areq, sess, auth_info_hdr);
}
- else if (sess->protocol
+ else if (sess->protocol && sess->protocol->verify
&& sess->protocol->flags && AUTH_FLAG_VERIFY_NON40x
&& (status->klass == 2 || status->klass == 3)
&& auth_hdr) {
_______________________________________________
neon mailing list
[email protected]
http://mailman.webdav.org/mailman/listinfo/neon
