+Wed Jun 24 03:09:28 1998 Tom Yu <tlyu@mit.edu>
+
+ * mk_priv.c (krb_mk_priv): Fix up call to pcbc_encrypt(). By
+ taking the address of key, the 5th arg to pcbc_encrypt() was
+ actually a (char **) cast to a (C_Block *). The reason for this
+ is that a C_Block (actually a des_cblock) is typedef'ed from a
+ char[8], which by being in the parameters of the definition of
+ krb_mk_priv() becomes of type (char *). This means that using the
+ address operator on key resulted in a pointer to a pointer to a
+ char rather than a pointer to a des_cblock, which would have been
+ innocuous in this case because pcbc_encrypt() actually takes a
+ (des_cblock *) as the 5th (ivec) argument. The moral is to never
+ pass around naked arrays as function arguments; instead, pass
+ around pointers to arrays to avoid spontaneous conversions to
+ pointers sneaking up. Note that CNS actually uses a (C_Block *)
+ everywhere, and maybe we should as well. *whew*
+
1998-05-08 Theodore Ts'o <tytso@rsts-11.mit.edu>
* stime.c (krb_stime):
#ifndef NOENCRYPTION
/* pcbc encrypt, pad as needed, use key as ivec */
pcbc_encrypt((C_Block *) q,(C_Block *) q, (long) (p-q), schedule,
- (C_Block *)&key, ENCRYPT);
+ (C_Block *)key, ENCRYPT);
#endif /* NOENCRYPTION */
return (q - out + c_length); /* resulting size */
projects / krb5.git / commitdiff