CVS commit: src/crypto/external/bsd/heimdal/dist/lib/krb5

[Kamil Rytarowski]

Module Name:    src
Committed By:   kamil
Date:           Sat Jun 16 18:51:36 UTC 2018

Modified Files:
        src/crypto/external/bsd/heimdal/dist/lib/krb5: config_file.c

Log Message:
Do not reference buffer after the code scope {}

rk_getpwuid_r() returns a pointer pwd->pw_dir to a buffer pwbuf[].

It's not safe to store another a copy of pwd->pw_dir in outter scope and
use it out of the scope where there exists pwbuf[].

This fixes a problem reported by ASan under MKSANITIZER.


To generate a diff of this commit:
cvs rdiff -u -r1.3 -r1.4 \
    src/crypto/external/bsd/heimdal/dist/lib/krb5/config_file.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.


Modified files:

Index: src/crypto/external/bsd/heimdal/dist/lib/krb5/config_file.c
diff -u src/crypto/external/bsd/heimdal/dist/lib/krb5/config_file.c:1.3 src/crypto/external/bsd/heimdal/dist/lib/krb5/config_file.c:1.4
--- src/crypto/external/bsd/heimdal/dist/lib/krb5/config_file.c:1.3	Fri Sep  8 15:29:43 2017
+++ src/crypto/external/bsd/heimdal/dist/lib/krb5/config_file.c	Sat Jun 16 18:51:36 2018
@@ -1,4 +1,4 @@
-/*	$NetBSD: config_file.c,v 1.3 2017/09/08 15:29:43 christos Exp $	*/
+/*	$NetBSD: config_file.c,v 1.4 2018/06/16 18:51:36 kamil Exp $	*/
 
 /*
  * Copyright (c) 1997 - 2004 Kungliga Tekniska Högskolan
@@ -430,6 +430,8 @@ krb5_config_parse_file_multi (krb5_conte
     if (ISTILDE(fname[0]) && ISPATHSEP(fname[1])) {
 #ifndef KRB5_USE_PATH_TOKENS
 	const char *home = NULL;
+	struct passwd pw, *pwd = NULL;
+	char pwbuf[2048];
 
 	if (!_krb5_homedir_access(context)) {
 	    krb5_set_error_message(context, EPERM,
@@ -441,9 +443,6 @@ krb5_config_parse_file_multi (krb5_conte
 	    home = getenv("HOME");
 
 	if (home == NULL) {
-	    struct passwd pw, *pwd = NULL;
-	    char pwbuf[2048];
-
 	    if (rk_getpwuid_r(getuid(), &pw, pwbuf, sizeof(pwbuf), &pwd) == 0)
 		home = pwd->pw_dir;
 	}