[Date Prev][Date Next]
Re: commit: ldap/libraries/libldap gssapi.c
> gssapi.c NONE -> 1.1
> ITS#5369 SASL/GSSAPi refactoring from Stefan Metzmacher <firstname.lastname@example.org>
> and Rafal Szczeniak <email@example.com>, with minor cleanups
This is buggy:
pkt_len is used uninitialized in sb_sasl_gssapi_decode().
guess_service_principal() is broken: It uses 'ret' uninitialized, as if
a return value from malloc. It passes (buffer length - 1) instead of
buffer length to snprintf, which I think fails for the (allow_remote &&
givenstr) case. snprintf() unnecessary anyway since the function can
malloc the exact needed size. Also it's preferable to only use a string
literal as format argument, so gcc can verify the printf (instead of
warning that it can't).
Format errors: OM_uint32 printed as %u, size_t/ber_len_t as %lu.
Here is a draft patch. Untested. Note I've not looked at how this
actually works, just how to get rid of warnings.
Finally, some header files should declare these functions:
ldap_gssapi_bind_s(), ldap_int_gssapi_close(), ldap_int_gssapi_config(),
and be #included by bind.c, cyrus.c, gssapi.c, init.c, options.c, request.c.