pullup from trunk
authorTom Yu <tlyu@mit.edu>
Tue, 18 Jan 2005 17:54:27 +0000 (17:54 +0000)
committerTom Yu <tlyu@mit.edu>
Tue, 18 Jan 2005 17:54:27 +0000 (17:54 +0000)
ticket: 2881
version_fixed: 1.4

git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-4@17055 dc483132-0cff-0310-8789-dd5450dbe970

src/lib/krb5/krb/ChangeLog
src/lib/krb5/krb/copy_princ.c
src/lib/krb5/krb/cp_key_cnt.c

index 4b01bfcb83b5a4a875a66e8b6acfa9cbacc2290a..bcd2531c59593adb388108ffbc1ba00bf3f4c19c 100644 (file)
@@ -1,3 +1,11 @@
+2005-01-15  Jeffrey Altman <jaltman@mit.edu>
+
+        * cp_key_cnt.c, copy_princ.c:
+          prevent krb5_copy_principal() and krb5_copy_keyblock() from
+          calling malloc(0).  On platforms in which malloc(0) returns   
+          NULL, these functions will return an ENOMEM error the way
+          they were written.  
+
 2005-01-03  Ken Raeburn  <raeburn@mit.edu>
 
        * parse.c (krb5_parse_name): Don't cache the default realm name.
index 569e55b90ac27f4765737c3e02477c7982b65fb1..f623236958e18fc92286d915e000a40ac839ec62 100644 (file)
@@ -60,32 +60,36 @@ krb5_copy_principal(krb5_context context, krb5_const_principal inprinc, krb5_pri
     for (i = 0; i < nelems; i++) {
        unsigned int len = krb5_princ_component(context, inprinc, i)->length;
        krb5_princ_component(context, tempprinc, i)->length = len;
-       if (((krb5_princ_component(context, tempprinc, i)->data =
-             malloc(len)) == 0) && len) {
-           while (--i >= 0)
-               free(krb5_princ_component(context, tempprinc, i)->data);
-           free (tempprinc->data);
-           free (tempprinc);
-           return ENOMEM;
-       }
-       if (len)
+        if (len) {
+            if (((krb5_princ_component(context, tempprinc, i)->data =
+                   malloc(len)) == 0)) {
+                while (--i >= 0)
+                    free(krb5_princ_component(context, tempprinc, i)->data);
+                free (tempprinc->data);
+                free (tempprinc);
+                return ENOMEM;
+            }
            memcpy(krb5_princ_component(context, tempprinc, i)->data,
                   krb5_princ_component(context, inprinc, i)->data, len);
+        } else
+            krb5_princ_component(context, tempprinc, i)->data = 0;
     }
 
-    tempprinc->realm.data =
+    if (tempprinc->realm.length) {
+        tempprinc->realm.data =
            malloc(tempprinc->realm.length = inprinc->realm.length);
-    if (!tempprinc->realm.data && tempprinc->realm.length) {
+        if (!tempprinc->realm.data) {
            for (i = 0; i < nelems; i++)
-                   free(krb5_princ_component(context, tempprinc, i)->data);
+                free(krb5_princ_component(context, tempprinc, i)->data);
            free(tempprinc->data);
            free(tempprinc);
            return ENOMEM;
-    }
-    if (tempprinc->realm.length)
+        }
        memcpy(tempprinc->realm.data, inprinc->realm.data,
               inprinc->realm.length);
-    
+    } else
+        tempprinc->realm.data = 0;
+
     *outprinc = tempprinc;
     return 0;
 }
index b39a6a98a2be81b4b86f6da0250198588700c629..150be0a57e5c75a9a36a792857050281a3d96f62 100644 (file)
@@ -36,9 +36,12 @@ krb5_error_code KRB5_CALLCONV
 krb5_copy_keyblock_contents(krb5_context context, const krb5_keyblock *from, krb5_keyblock *to)
 {
     *to = *from;
-    to->contents = (krb5_octet *)malloc(to->length);
-    if (!to->contents)
-       return ENOMEM;
-    memcpy((char *)to->contents, (char *)from->contents, to->length);
+    if (to->length) {
+        to->contents = (krb5_octet *)malloc(to->length);
+        if (!to->contents)
+            return ENOMEM;
+        memcpy((char *)to->contents, (char *)from->contents, to->length);
+    } else 
+        to->contents = 0;
     return 0;
 }