Prevent a library double-free and crash when a keytab is zero-length.

author Russ Allbery <rra@stanford.edu>

Tue, 13 Jun 2006 14:14:27 +0000 (14:14 +0000)

committer Russ Allbery <rra@stanford.edu>

Tue, 13 Jun 2006 14:14:27 +0000 (14:14 +0000)
author Russ Allbery <rra@stanford.edu>
Tue, 13 Jun 2006 14:14:27 +0000 (14:14 +0000)
committer Russ Allbery <rra@stanford.edu>
Tue, 13 Jun 2006 14:14:27 +0000 (14:14 +0000)
diff --git a/src/lib/krb5/keytab/kt_file.c b/src/lib/krb5/keytab/kt_file.c

index c0358bfcbb01f97106251b0811e93a8b00a6c452..c31b90f34f13681a8a127389971c45ac68d9302a 100644 (file)
--- a/src/lib/krb5/keytab/kt_file.c
+++ b/src/lib/krb5/keytab/kt_file.c
@@ -1092,7 +1092,10 @@ krb5_ktfileint_open(krb5_context context, krb5_keytab id, int mode)
      } else {
         /* gotta verify it instead... */
         if (!xfread(&kt_vno, sizeof(kt_vno), 1, KTFILEP(id))) {
-           kerror = errno;
+           if (feof(KTFILEP(id)))
+               kerror = KRB5_KEYTAB_BADVNO;
+           else
+               kerror = errno;
             (void) krb5_unlock_file(context, fileno(KTFILEP(id)));
             (void) fclose(KTFILEP(id));
             return kerror;
author	Russ Allbery <rra@stanford.edu>
	Tue, 13 Jun 2006 14:14:27 +0000 (14:14 +0000)
committer	Russ Allbery <rra@stanford.edu>
	Tue, 13 Jun 2006 14:14:27 +0000 (14:14 +0000)