Module Name: src Committed By: kamil Date: Sat Jun 16 18:51:36 UTC 2018
Modified Files: src/crypto/external/bsd/heimdal/dist/lib/krb5: config_file.c Log Message: Do not reference buffer after the code scope {} rk_getpwuid_r() returns a pointer pwd->pw_dir to a buffer pwbuf[]. It's not safe to store another a copy of pwd->pw_dir in outter scope and use it out of the scope where there exists pwbuf[]. This fixes a problem reported by ASan under MKSANITIZER. To generate a diff of this commit: cvs rdiff -u -r1.3 -r1.4 \ src/crypto/external/bsd/heimdal/dist/lib/krb5/config_file.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
Modified files: Index: src/crypto/external/bsd/heimdal/dist/lib/krb5/config_file.c diff -u src/crypto/external/bsd/heimdal/dist/lib/krb5/config_file.c:1.3 src/crypto/external/bsd/heimdal/dist/lib/krb5/config_file.c:1.4 --- src/crypto/external/bsd/heimdal/dist/lib/krb5/config_file.c:1.3 Fri Sep 8 15:29:43 2017 +++ src/crypto/external/bsd/heimdal/dist/lib/krb5/config_file.c Sat Jun 16 18:51:36 2018 @@ -1,4 +1,4 @@ -/* $NetBSD: config_file.c,v 1.3 2017/09/08 15:29:43 christos Exp $ */ +/* $NetBSD: config_file.c,v 1.4 2018/06/16 18:51:36 kamil Exp $ */ /* * Copyright (c) 1997 - 2004 Kungliga Tekniska Högskolan @@ -430,6 +430,8 @@ krb5_config_parse_file_multi (krb5_conte if (ISTILDE(fname[0]) && ISPATHSEP(fname[1])) { #ifndef KRB5_USE_PATH_TOKENS const char *home = NULL; + struct passwd pw, *pwd = NULL; + char pwbuf[2048]; if (!_krb5_homedir_access(context)) { krb5_set_error_message(context, EPERM, @@ -441,9 +443,6 @@ krb5_config_parse_file_multi (krb5_conte home = getenv("HOME"); if (home == NULL) { - struct passwd pw, *pwd = NULL; - char pwbuf[2048]; - if (rk_getpwuid_r(getuid(), &pw, pwbuf, sizeof(pwbuf), &pwd) == 0) home = pwd->pw_dir; }