Typo in appl/lib/ka-procs.c (get_password)
John Callaghan
jpc at msu.edu
Wed Feb 7 20:00:41 CET 2001
If you supply a password to get_password (via ka_authenticate), then the
unintialized variable buf is passed to afs_string_to_key instead of password.
The source is arla-0.35.2:
--- appl/lib/ka-procs.c.orig Wed Feb 7 13:49:01 2001
+++ appl/lib/ka-procs.c Wed Feb 7 13:16:58 2001
@@ -219,5 +219,5 @@
strlwr (cell);
- afs_string_to_key (buf, realm, key);
+ afs_string_to_key (password, realm, key);
memset (buf, 0, sizeof(buf));
--
John Callaghan
jpc at msu.edu
More information about the Arla-drinkers
mailing list