CoSign: Collaborative Single Sign-On  

cosign-discuss at
general discussion of cosign development and deployment

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: v1.6.0: install error, short array

Hi Phil,

Opps you are absolutely correct. I have attached v1.6.0 patches to fix this.
The changes I have made is extending the krbpath and krb4path variable to
MAXPATHLEN + 1 and sprintf's to snprintf with a size of  sizeof( krbpath or
krb4path ) - 1.

Sorry I missed this one!!

BTW: This is not a UMich 'sanctioned' patch :)

Also, regarding the new config directive to set the ticket cache 
location: In the files that use it:


"krbpath" isn't long enough (currently 24 chars) to hold long names.  
Also, only cgi.c is using snprintf, the others are using sprintf 
(possible overwrites?).  krb4path seems to have similar issues.


Attachment: krbpath_overrun_pathes.tgz
Description: application/compressed

Copyright © 2002 - 2004 Regents of the University of Michigan :  Page last updated 15-December-2010