summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorChris Fraire <cfraire@me.com>2021-07-25 12:10:16 -0500
committerDan McDonald <danmcd@joyent.com>2021-08-10 13:08:28 -0400
commit298aa1575e761a7d02bc7c65fa603ffd0266fcb7 (patch)
tree099d678713a822ab0272974b5b6f0aba27eb0a52
parentff67a31b6b184e832f89a53763c02c35bd1a7291 (diff)
downloadillumos-joyent-298aa1575e761a7d02bc7c65fa603ffd0266fcb7.tar.gz
13935 ksetpw passes integers to %s format specifier
13936 ksetpw typo to strtok_r() prevents space delimited -e enctype_list 13942 ksetpw salt may be used uninitialized Reviewed by: Toomas Soome <tsoome@me.com> Approved by: Dan McDonald <danmcd@joyent.com>
-rw-r--r--usr/src/cmd/krb5/kadmin/kclient/ksetpw.c19
1 files changed, 12 insertions, 7 deletions
diff --git a/usr/src/cmd/krb5/kadmin/kclient/ksetpw.c b/usr/src/cmd/krb5/kadmin/kclient/ksetpw.c
index 40b0cd8a04..b19d034372 100644
--- a/usr/src/cmd/krb5/kadmin/kclient/ksetpw.c
+++ b/usr/src/cmd/krb5/kadmin/kclient/ksetpw.c
@@ -22,6 +22,7 @@
/*
* Copyright 2009 Sun Microsystems, Inc. All rights reserved.
* Use is subject to license terms.
+ * Portions Copyright 2021, Chris Fraire <cfraire@me.com>.
*/
#include <stdio.h>
@@ -55,7 +56,7 @@ main(int argc, char **argv)
krb5_ccache cc = NULL;
krb5_keytab kt = NULL;
krb5_kvno kvno = 1;
- krb5_principal victim, salt;
+ krb5_principal victim, salt = NULL;
char c, *vprincstr, *ktname, *token, *lasts, *newpw;
int result_code, i, len, nflag = 0;
krb5_data result_code_string, result_string;
@@ -113,7 +114,7 @@ main(int argc, char **argv)
break;
case 'e':
len = strlen(optarg);
- token = strtok_r(optarg, ",\t,", &lasts);
+ token = strtok_r(optarg, ",\t ", &lasts);
if (token == NULL)
usage();
@@ -244,6 +245,9 @@ main(int argc, char **argv)
if (enctype_count && (code = kt_remove_entries(ctx, kt, victim)))
goto error;
+ if (salt == NULL)
+ salt = victim;
+
for (i = 0; i < enctype_count; i++)
kt_add_entry(ctx, kt, victim, salt, enctypes[i], kvno, newpw);
@@ -334,9 +338,10 @@ kt_add_entry(krb5_context ctx, krb5_keytab kt, const krb5_principal princ,
krb5_data password, salt;
krb5_keyblock key;
krb5_error_code code;
- char buf[100];
+ char enctype_name[100];
- if ((code = krb5_enctype_to_string(enctype, buf, sizeof (buf)))) {
+ if ((code = krb5_enctype_to_string(enctype, enctype_name,
+ sizeof (enctype_name)))) {
com_err(whoami, code, gettext("Enctype %d has no name!"),
enctype);
return;
@@ -353,15 +358,15 @@ kt_add_entry(krb5_context ctx, krb5_keytab kt, const krb5_principal princ,
if ((code = krb5_principal2salt(ctx, sprinc, &salt)) != 0) {
com_err(whoami, code,
- gettext("Could not compute salt for %s"), enctype);
+ gettext("Could not compute salt for %s"), enctype_name);
return;
}
code = krb5_c_string_to_key(ctx, enctype, &password, &salt, &key);
if (code != 0) {
- com_err(whoami, code, gettext("Could not compute salt for %s"),
- enctype);
+ com_err(whoami, code,
+ gettext("Could not convert to key for %s"), enctype_name);
krb5_xfree(salt.data);
return;
}