diff options
author | Chris Fraire <cfraire@me.com> | 2021-07-25 12:10:16 -0500 |
---|---|---|
committer | Dan McDonald <danmcd@joyent.com> | 2021-08-10 13:08:28 -0400 |
commit | 298aa1575e761a7d02bc7c65fa603ffd0266fcb7 (patch) | |
tree | 099d678713a822ab0272974b5b6f0aba27eb0a52 | |
parent | ff67a31b6b184e832f89a53763c02c35bd1a7291 (diff) | |
download | illumos-joyent-298aa1575e761a7d02bc7c65fa603ffd0266fcb7.tar.gz |
13935 ksetpw passes integers to %s format specifier
13936 ksetpw typo to strtok_r() prevents space delimited -e enctype_list
13942 ksetpw salt may be used uninitialized
Reviewed by: Toomas Soome <tsoome@me.com>
Approved by: Dan McDonald <danmcd@joyent.com>
-rw-r--r-- | usr/src/cmd/krb5/kadmin/kclient/ksetpw.c | 19 |
1 files changed, 12 insertions, 7 deletions
diff --git a/usr/src/cmd/krb5/kadmin/kclient/ksetpw.c b/usr/src/cmd/krb5/kadmin/kclient/ksetpw.c index 40b0cd8a04..b19d034372 100644 --- a/usr/src/cmd/krb5/kadmin/kclient/ksetpw.c +++ b/usr/src/cmd/krb5/kadmin/kclient/ksetpw.c @@ -22,6 +22,7 @@ /* * Copyright 2009 Sun Microsystems, Inc. All rights reserved. * Use is subject to license terms. + * Portions Copyright 2021, Chris Fraire <cfraire@me.com>. */ #include <stdio.h> @@ -55,7 +56,7 @@ main(int argc, char **argv) krb5_ccache cc = NULL; krb5_keytab kt = NULL; krb5_kvno kvno = 1; - krb5_principal victim, salt; + krb5_principal victim, salt = NULL; char c, *vprincstr, *ktname, *token, *lasts, *newpw; int result_code, i, len, nflag = 0; krb5_data result_code_string, result_string; @@ -113,7 +114,7 @@ main(int argc, char **argv) break; case 'e': len = strlen(optarg); - token = strtok_r(optarg, ",\t,", &lasts); + token = strtok_r(optarg, ",\t ", &lasts); if (token == NULL) usage(); @@ -244,6 +245,9 @@ main(int argc, char **argv) if (enctype_count && (code = kt_remove_entries(ctx, kt, victim))) goto error; + if (salt == NULL) + salt = victim; + for (i = 0; i < enctype_count; i++) kt_add_entry(ctx, kt, victim, salt, enctypes[i], kvno, newpw); @@ -334,9 +338,10 @@ kt_add_entry(krb5_context ctx, krb5_keytab kt, const krb5_principal princ, krb5_data password, salt; krb5_keyblock key; krb5_error_code code; - char buf[100]; + char enctype_name[100]; - if ((code = krb5_enctype_to_string(enctype, buf, sizeof (buf)))) { + if ((code = krb5_enctype_to_string(enctype, enctype_name, + sizeof (enctype_name)))) { com_err(whoami, code, gettext("Enctype %d has no name!"), enctype); return; @@ -353,15 +358,15 @@ kt_add_entry(krb5_context ctx, krb5_keytab kt, const krb5_principal princ, if ((code = krb5_principal2salt(ctx, sprinc, &salt)) != 0) { com_err(whoami, code, - gettext("Could not compute salt for %s"), enctype); + gettext("Could not compute salt for %s"), enctype_name); return; } code = krb5_c_string_to_key(ctx, enctype, &password, &salt, &key); if (code != 0) { - com_err(whoami, code, gettext("Could not compute salt for %s"), - enctype); + com_err(whoami, code, + gettext("Could not convert to key for %s"), enctype_name); krb5_xfree(salt.data); return; } |