pull up r22369 from trunk

 ------------------------------------------------------------------------
 r22369 | ghudson | 2009-05-24 17:53:51 +0200 (Sun, 24 May 2009) | 11 lines

 ticket: 6496
 subject: Fix vector initialization error in KDC preauth code
 target_version: 1.7
 tags: pullup

 In the KDC, get_preauth_hint_list had two bugs initializing the
 preauth array.  It was allocating 21 extra entries instead of two due
 to a typo (harmless), and it was only zeroing up through one extra
 entry (harmful).  Adjust the code to use calloc to avoid further
 disagreements of this nature.

ticket: 6496
version_fixed: 1.7

git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-7@22377 dc483132-0cff-0310-8789-dd5450dbe970

diff --git a/src/kdc/kdc_preauth.c b/src/kdc/kdc_preauth.c
index 63f76875607d5dbfadfd74d0f942beb646e240a5..cc7ae34ed4ce2530dee9f25f4d6ae065985940c9 100644 (file)
--- a/src/kdc/kdc_preauth.c
+++ b/src/kdc/kdc_preauth.c
@@ -972,11 +972,10 @@ void get_preauth_hint_list(krb5_kdc_req *request, krb5_db_entry *client,
     e_data->data = 0;
     
     hw_only = isflagset(client->attributes, KRB5_KDB_REQUIRES_HW_AUTH);
-    /* Allocate 1 entry for the terminator and one for the cookie*/
-    pa_data = malloc(sizeof(krb5_pa_data *) * (n_preauth_systems+21));
+    /* Allocate two extra entries for the cookie and the terminator. */
+    pa_data = calloc(n_preauth_systems + 2, sizeof(krb5_pa_data *));
     if (pa_data == 0)
        return;
-    memset(pa_data, 0, sizeof(krb5_pa_data *) * (n_preauth_systems+1));
     pa = pa_data;
 
     for (ap = preauth_systems; ap->type != -1; ap++) {