cosign-discuss at umich.edu
general discussion of cosign development and deployment
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: v1.6.0: install error, short array
Opps you are absolutely correct. I have attached v1.6.0 patches to fix this.
The changes I have made is extending the krbpath and krb4path variable to
MAXPATHLEN + 1 and sprintf's to snprintf with a size of sizeof( krbpath or
krb4path ) - 1.
Sorry I missed this one!!
BTW: This is not a UMich 'sanctioned' patch :)
Also, regarding the new config directive to set the ticket cache
location: In the files that use it:
"krbpath" isn't long enough (currently 24 chars) to hold long names.
Also, only cgi.c is using snprintf, the others are using sprintf
(possible overwrites?). krb4path seems to have similar issues.