[krbdev.mit.edu #8651] profile library may try to reread from special device files

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

[krbdev.mit.edu #8651] profile library may try to reread from special device files

Greg Hudson via RT-2
I think I was wrong about stat("/dev/fd/NN") returning the current
time as mtime for a pipe.  I think to manifest this problem, kinit
has to initially open() and stat() the profile before printf has
finished writing to the pipe.  (It will then block reading the data
from printf, but it already recorded the timestamp, and it doesn't
stat() again afterwards.)  That's much less likely than the clock
second rolling over between profile_init and profile_get.

I was able to produce a failure using many repeated invocations of
KRB5_KDC_PROFILE=<(printf ...) kinit -k -t KDB:, but it took a long
time.  To produce a failure in just one try, I wrote a simple test
program:

int
main(int argc, char **argv)
{
    profile_t profile;
    char *str;

    if (profile_init_path(argv[1], &profile) != 0)
        abort();
    if (profile_get_string(profile, "a", "b", NULL, "no", &str) != 0)
        abort();
    printf("%s\n", str);
    profile_release_string(str);
    return 0;
}

and ran it with:

./a.out <(sleep 1; printf "[a]\nb=yes\n")
_______________________________________________
krb5-bugs mailing list
[hidden email]
https://mailman.mit.edu/mailman/listinfo/krb5-bugs