From: Sam Hartman <hartmans@mit.edu>
Date: Thu, 7 Sep 2006 11:12:40 +0000 (+0000)
Subject: * walk_rtree.c (dbgref_dump_principal):Move here from
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=98ff774104b67e5a212b806bb85d028e0eab7f98;p=thirdparty%2Fkrb5.git

* walk_rtree.c (dbgref_dump_principal):Move here from
        gc_frm_kdc.c so make check works

* gc_frm_kdc.c (krb5_get_cred_from_kdc_opt): Fill in length of
realm after populating from client

* copy_princ.c (krb5_copy_principal): Always allocate space for realms even if they are empty.  Always defensively null terminate.  Note that realms may still have internal null characters; they are not strings.

git-svn-id: svn://anonsvn.mit.edu/krb5/branches/referrals@18568 dc483132-0cff-0310-8789-dd5450dbe970
---

diff --git a/src/lib/krb5/krb/copy_princ.c b/src/lib/krb5/krb/copy_princ.c
index d16c17b5c6..70dfd91d89 100644
--- a/src/lib/krb5/krb/copy_princ.c
+++ b/src/lib/krb5/krb/copy_princ.c
@@ -71,20 +71,19 @@ krb5_copy_principal(krb5_context context, krb5_const_principal inprinc, krb5_pri
             krb5_princ_component(context, tempprinc, i)->data = 0;
     }
 
-    if (tempprinc->realm.length) {
-        tempprinc->realm.data =
-	    malloc(tempprinc->realm.length = inprinc->realm.length);
-        if (!tempprinc->realm.data) {
-	    for (i = 0; i < nelems; i++)
-                free(krb5_princ_component(context, tempprinc, i)->data);
-	    free(tempprinc->data);
-	    free(tempprinc);
-	    return ENOMEM;
-        }
-	memcpy(tempprinc->realm.data, inprinc->realm.data,
-	       inprinc->realm.length);
-    } else
-        tempprinc->realm.data = 0;
+
+	 tempprinc->realm.data =
+	     malloc((tempprinc->realm.length = inprinc->realm.length) + 1);
+	 if (!tempprinc->realm.data) {
+	     for (i = 0; i < nelems; i++)
+		 free(krb5_princ_component(context, tempprinc, i)->data);
+	     free(tempprinc->data);
+	     free(tempprinc);
+	     return ENOMEM;
+	 }
+	 memcpy(tempprinc->realm.data, inprinc->realm.data,
+		inprinc->realm.length);
+	 tempprinc->realm.data[tempprinc->realm.length] = 0;
 
     *outprinc = tempprinc;
     return 0;
diff --git a/src/lib/krb5/krb/gc_frm_kdc.c b/src/lib/krb5/krb/gc_frm_kdc.c
index 2e9b8f2237..af8689f84d 100644
--- a/src/lib/krb5/krb/gc_frm_kdc.c
+++ b/src/lib/krb5/krb/gc_frm_kdc.c
@@ -796,12 +796,15 @@ krb5_get_cred_from_kdc_opt(krb5_context context, krb5_ccache ccache,
     /* Copy client realm to server if no hint. */
     if (!strcmp(server->realm.data, KRB5_REFERRAL_REALM)) {   // XXX a realm is not a string!
         /* Use the client realm. */
+
 #ifdef DEBUG_REFERRALS
         printf("gc_from_kdc: no server realm supplied, using client realm.\n");
 #endif
-        if (!( server->realm.data = (char *)malloc(client->realm.length)))
-	    return ENOMEM;
+			        if (!( server->realm.data = (char *)malloc(client->realm.length+1)))
+			    return ENOMEM;
 	memcpy(server->realm.data, client->realm.data, client->realm.length);
+	server->realm.length = client->realm.length;
+	server->realm.data[server->realm.length] = 0;
     }
     /*
      * Retreive initial TGT to match the specified server, either for the
@@ -1043,15 +1046,3 @@ krb5_get_cred_from_kdc_renew(krb5_context context, krb5_ccache ccache,
 				      KDC_OPT_RENEW);
 }
 
-#ifdef DEBUG_REFERRALS
-void dbgref_dump_principal(char *d, krb5_principal p)
-{
-	int n;
-
-	printf("  **%s: ",d);
-	for (n=0;n<p->length;n++)
-	  printf("%s<%.*s>",(n>0)?"/":"",p->data[n].length,p->data[n].data);
-	printf("@<%.*s>  (length %d, type %d)\n",p->realm.length,p->realm.data,
-	       p->length, p->type);
-}
-#endif
diff --git a/src/lib/krb5/krb/walk_rtree.c b/src/lib/krb5/krb/walk_rtree.c
index e676549612..cb76fb235e 100644
--- a/src/lib/krb5/krb/walk_rtree.c
+++ b/src/lib/krb5/krb/walk_rtree.c
@@ -399,3 +399,16 @@ krb5_walk_realm_tree(krb5_context context, const krb5_data *client, const krb5_d
 #endif
     return 0;
 }
+
+#ifdef DEBUG_REFERRALS
+void dbgref_dump_principal(char *d, krb5_principal p)
+{
+    int n;
+	      
+    printf("  **%s: ",d);
+    for (n=0;n<p->length;n++)
+	printf("%s<%.*s>",(n>0)?"/":"",p->data[n].length,p->data[n].data);
+    printf("@<%.*s>  (length %d, type %d)\n",p->realm.length,p->realm.data,
+	   p->length, p->type);
+}
+#endif