Avoid infinite loop on duplicate keysalts

author Ben Kaduk <kaduk@mit.edu>

Thu, 20 Nov 2014 20:44:04 +0000 (15:44 -0500)

committer Tom Yu <tlyu@mit.edu>

Tue, 16 Dec 2014 18:15:34 +0000 (13:15 -0500)
author Ben Kaduk <kaduk@mit.edu>
Thu, 20 Nov 2014 20:44:04 +0000 (15:44 -0500)
committer Tom Yu <tlyu@mit.edu>
Tue, 16 Dec 2014 18:15:34 +0000 (13:15 -0500)
diff --git a/src/lib/kadm5/str_conv.c b/src/lib/kadm5/str_conv.c

index 216b580bd8f62216392a35e195684d78686d5406..c28a1e9324cb2e021abd3a1900ab8d294ab65be2 100644 (file)
--- a/src/lib/kadm5/str_conv.c
+++ b/src/lib/kadm5/str_conv.c
@@ -300,18 +300,17 @@ krb5_string_to_keysalts(const char *string, const char *tupleseps,
              goto cleanup;
  
          /* Ignore duplicate keysalts if caller asks. */
-        if (!dups && krb5_keysalt_is_present(ksalts, nksalts, etype, stype))
-            continue;
-
-        ksalts_new = realloc(ksalts, (nksalts + 1) * sizeof(*ksalts));
-        if (ksalts_new == NULL) {
-            ret = ENOMEM;
-            goto cleanup;
+        if (dups || !krb5_keysalt_is_present(ksalts, nksalts, etype, stype)) {
+            ksalts_new = realloc(ksalts, (nksalts + 1) * sizeof(*ksalts));
+            if (ksalts_new == NULL) {
+                ret = ENOMEM;
+                goto cleanup;
+            }
+            ksalts = ksalts_new;
+            ksalts[nksalts].ks_enctype = etype;
+            ksalts[nksalts].ks_salttype = stype;
+            nksalts++;
          }
-        ksalts = ksalts_new;
-        ksalts[nksalts].ks_enctype = etype;
-        ksalts[nksalts].ks_salttype = stype;
-        nksalts++;
          ksp = strtok_r(NULL, tseps, &tlasts);
      }
      *ksaltp = ksalts;
author	Ben Kaduk <kaduk@mit.edu>
	Thu, 20 Nov 2014 20:44:04 +0000 (15:44 -0500)
committer	Tom Yu <tlyu@mit.edu>
	Tue, 16 Dec 2014 18:15:34 +0000 (13:15 -0500)