From: Ezra Peisach Date: Thu, 14 Aug 2008 05:09:12 +0000 (+0000) Subject: Error return from krb5int_random_string not tested in ccache code X-Git-Tag: krb5-1.7-alpha1~494 X-Git-Url: http://git.tremily.us/?a=commitdiff_plain;h=98977c054ef689fbbc0b245309ee58fe0503196d;p=krb5.git Error return from krb5int_random_string not tested in ccache code krb5int_random_string should probably only fail on malloc failure. Test for an error return from the function and cleanup properly (release mutex, return error instead of using uninitialized memory). git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20655 dc483132-0cff-0310-8789-dd5450dbe970 --- diff --git a/src/lib/krb5/ccache/cc_keyring.c b/src/lib/krb5/ccache/cc_keyring.c index 638db3c7f..163ad30f7 100644 --- a/src/lib/krb5/ccache/cc_keyring.c +++ b/src/lib/krb5/ccache/cc_keyring.c @@ -874,7 +874,13 @@ krb5_krcc_generate_new(krb5_context context, krb5_ccache * id) * a unique name, or we get an error. */ while (1) { - krb5int_random_string(context, uniquename, sizeof(uniquename)); + kret = krb5int_random_string(context, uniquename, sizeof(uniquename)); + if (kret) { + k5_mutex_unlock(&krb5int_krcc_mutex); + free(lid); + return kret; + } + DEBUG_PRINT(("krb5_krcc_generate_new: searching for name '%s'\n", uniquename)); key = keyctl_search(ring_id, KRCC_KEY_TYPE_KEYRING, uniquename, 0); diff --git a/src/lib/krb5/ccache/cc_memory.c b/src/lib/krb5/ccache/cc_memory.c index 504dccb73..0014407c7 100644 --- a/src/lib/krb5/ccache/cc_memory.c +++ b/src/lib/krb5/ccache/cc_memory.c @@ -471,7 +471,12 @@ krb5_mcc_generate_new (krb5_context context, krb5_ccache *id) while (1) { krb5_mcc_list_node *ptr; - krb5int_random_string (context, uniquename, sizeof (uniquename)); + err = krb5int_random_string (context, uniquename, sizeof (uniquename)); + if (err) { + k5_mutex_unlock(&krb5int_mcc_mutex); + free(lid); + return err; + } for (ptr = mcc_head; ptr; ptr=ptr->next) { if (!strcmp(ptr->cache->name, uniquename)) {