From 3dc58eaca386660aaa9ff5c4e07ba94ece2fa9c5 Mon Sep 17 00:00:00 2001
From: xuraoqing
Date: Tue, 19 Mar 2024 10:30:49 +0800
Subject: [PATCH] backport patches from upstream

Signed-off-by: xuraoqing
---
 ...move-klist-s-defname-global-variable.patch | 73 +++++++++++++++++++
 krb5.spec | 6 +-
 2 files changed, 78 insertions(+), 1 deletion(-)
 create mode 100644 backport-Remove-klist-s-defname-global-variable.patch

diff --git a/backport-Remove-klist-s-defname-global-variable.patch b/backport-Remove-klist-s-defname-global-variable.patch
new file mode 100644
index 0000000..02ba16d
--- /dev/null
+++ b/backport-Remove-klist-s-defname-global-variable.patch
@@ -0,0 +1,73 @@
+From 5b00197227231943bd2305328c8260dd0b0dbcf0 Mon Sep 17 00:00:00 2001
+From: Julien Rische
+Date: Mon, 8 Jan 2024 16:52:27 +0100
+Subject: [PATCH] Remove klist's defname global variable
+
+Addition of a "cleanup" section in kinit's show_ccache() function as
+part of commit 6c5471176f5266564fbc8a7e02f03b4b042202f8 introduced a
+double-free bug, because defname is a global variable. After the
+first call, successive calls may take place with a dangling pointer in
+defname, which will be freed if krb5_cc_get_principal() fails.
+
+Convert "defname" to a local variable initialized at the beginning of
+show_ccache().
+
+[ghudson@mit.edu: edited commit message]
+
+Reference:https://github.com/krb5/krb5/commit/5b00197227231943bd2305328c8260dd0b0dbcf0
+Conflict:NA
+
+---
+ src/clients/klist/klist.c | 8 ++++----
+ 1 file changed, 4 insertions(+), 4 deletions(-)
+
+diff --git a/src/clients/klist/klist.c b/src/clients/klist/klist.c
+index b5ae96a84..b5808e5c9 100644
+--- a/src/clients/klist/klist.c
++++ b/src/clients/klist/klist.c
+@@ -53,7 +53,6 @@ int show_flags = 0, show_time = 0, status_only = 0, show_keys = 0;
+ int show_etype = 0, show_addresses = 0, no_resolve = 0, print_version = 0;
+ int show_adtype = 0, show_all = 0, list_all = 0, use_client_keytab = 0;
+ int show_config = 0;
+-char *defname;
+ char *progname;
+ krb5_timestamp now;
+ unsigned int timestamp_width;
+@@ -62,7 +61,7 @@ krb5_context context;
+ 
+ static krb5_boolean is_local_tgt(krb5_principal princ, krb5_data *realm);
+ static char *etype_string(krb5_enctype );
+-static void show_credential(krb5_creds *);
++static void show_credential(krb5_creds *, const char *);
+ 
+ static void list_all_ccaches(void);
+ static int list_ccache(krb5_ccache);
+@@ -473,6 +472,7 @@ show_ccache(krb5_ccache cache)
+ krb5_creds creds;
+ krb5_principal princ = NULL;
+ krb5_error_code ret;
++ char *defname = NULL;
+ int status = 1;
+ 
+ ret = krb5_cc_get_principal(context, cache, &princ);
+@@ -503,7 +503,7 @@ show_ccache(krb5_ccache cache)
+ }
+ while ((ret = krb5_cc_next_cred(context, cache, &cur, &creds)) == 0) {
+ if (show_config || !krb5_is_config_principal(context, creds.server))
+- show_credential(&creds);
++ show_credential(&creds, defname);
+ krb5_free_cred_contents(context, &creds);
+ }
+ if (ret == KRB5_CC_END) {
+@@ -676,7 +676,7 @@ print_config_data(int col, krb5_data *data)
+ }
+ 
+ static void
+-show_credential(krb5_creds *cred)
++show_credential(krb5_creds *cred, const char *defname)
+ {
+ krb5_error_code ret;
+ krb5_ticket *tkt = NULL;
+-- 
+2.33.0
+
diff --git a/krb5.spec b/krb5.spec
index f4db694..4c46a9c 100644
--- a/krb5.spec
+++ b/krb5.spec
@@ -3,7 +3,7 @@ Name: krb5
 Version: 1.19.2
-Release: 14
+Release: 15
 Summary: The Kerberos network authentication protocol
 License: MIT
 URL: http://web.mit.edu/kerberos/www/
@@ -46,6 +46,7 @@ Patch22: backport-Add-and-use-ts_interval-helper.patch
 Patch23: backport-Avoid-small-read-overrun-in-UTF8-normalization.patch
 Patch24: backport-Use-memmove-in-Unicode-functions.patch
 Patch25: backport-In-PKINIT-check-for-null-PKCS7-enveloped-fields.patch
+Patch26: backport-Remove-klist-s-defname-global-variable.patch
 BuildRequires: gettext
 BuildRequires: gcc make automake autoconf pkgconfig pam-devel libselinux-devel byacc
@@ -338,6 +339,9 @@ make -C src check || :
 %changelog
+* Tue Mar 19 2024 xuraoqing - 1.19.2-15
+- backport patches from upstream
+
 * Thu Jan 25 2024 zhangruifang - 1.19.2-14
 - Backport patches from upstream community
--
Gitee
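Review bot: The nested hunk at `@@ -473,6 +472,7 @@` turns `defname` into a local initialized with `char *defname = NULL;`, but neither the assignment that fills it nor the cleanup that frees it is inside any of the four hunks, and show_ccache continues past the last hunk, so the property the commit message relies on (the pointer is freed exactly once per call and never read after free) cannot be confirmed from this page; the backport should be checked against the full 1.19.2 show_ccache, since the patch records `Conflict:NA` but the surrounding cleanup path in this older tree may not match the upstream one the fix was written for. Passing the name to show_credential as `const char *` is the right contract, and it is worth confirming that show_credential only reads it (its body is outside the hunk), otherwise the freed-pointer problem just moves. The wrapped upstream message says "kinit's show_ccache()" while the changed file is `src/clients/klist/klist.c`; a one-word correction to `klist's show_ccache()` in the backport text would keep downstream readers from looking in the wrong client.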