search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
libtommath: Fix possible integer overflow CVE-2023-36328
[heimdal.git] / lib / krb5 / test_set_kvno0.c
blob0c7e6b447ae81cf2e53f37afb2b3fbe47cacf45b
1 /*
2 * Copyright (c) 2011, Secure Endpoints Inc.
3 * All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 *
9 * - Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer.
11 *
12 * - Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in
14 * the documentation and/or other materials provided with the
15 * distribution.
16 *
17 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
18 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
19 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
20 * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
21 * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
22 * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
23 * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
24 * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
25 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
26 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
27 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
28 * OF THE POSSIBILITY OF SUCH DAMAGE.
29 *
30 */
31
32 #include "krb5_locl.h"
33 #include <err.h>
34 #include <getarg.h>
35
36 #if 0
37 #include <stdio.h>
38 #include <string.h>
39 #include <strings.h>
40 #include <stdlib.h>
41 #include <unistd.h>
42 #include <krb5.h>
43 #endif
44
45 int
46 main(int argc, char **argv)
47 {
48 krb5_error_code ret;
49 krb5_context context;
50 krb5_ccache src_cc = NULL;
51 krb5_ccache dst_cc = NULL;
52 krb5_cc_cursor cursor;
53 krb5_principal me = NULL;
54 krb5_creds cred;
55 const char *during;
56 Ticket t;
57 size_t len;
58 int make_kvno_absent = 0;
59 int opt;
60
61 memset(&cred, 0, sizeof (cred));
62 during = "init_context";
63 ret = krb5_init_context(&context);
64 if (ret) goto err;
65
66 while ((opt = getopt(argc, argv, "c:n")) != -1) {
67 switch (opt) {
68 case 'c':
69 during = "cc_resolve of source ccache";
70 ret = krb5_cc_resolve(context, optarg, &src_cc);
71 if (ret) goto err;
72 break;
73 case 'n':
74 make_kvno_absent++;
75 break;
76 case 'h':
77 default:
78 fprintf(stderr, "Usage: %s [-n] [-c ccache]\n"
79 "\tThis utility edits a ccache, setting all ticket\n"
80 "\tenc_part kvnos to zero or absent (if -n is set).\n",
81 argv[0]);
82 return 1;
83 }
84 }
85
86 if (!src_cc) {
87 during = "cc_default";
88 ret = krb5_cc_default(context, &src_cc);
89 if (ret) goto err;
90 }
91
92 during = "cc_get_principal";
93 ret = krb5_cc_get_principal(context, src_cc, &me);
94 if (ret) goto err;
95
96 if (optind != argc) {
97 fprintf(stderr, "Usage: %s [-n] [-c ccache]\n"
98 "\tThis utility edits a ccache, setting all ticket\n"
99 "\tenc_part kvnos to zero or absent (if -n is set).\n",
100 argv[0]);
101 return 1;
102 }
103
104 during = "cc_new_unique of temporary ccache";
105 ret = krb5_cc_new_unique(context, krb5_cc_get_type(context, src_cc),
106 NULL, &dst_cc);
107
108 during = "cc_initialize of temporary ccache";
109 ret = krb5_cc_initialize(context, dst_cc, me);
110 if (ret) goto err;
111
112 during = "cc_start_seq_get";
113 ret = krb5_cc_start_seq_get(context, src_cc, &cursor);
114 if (ret) goto err;
115
116 while ((ret = krb5_cc_next_cred(context, src_cc, &cursor, &cred)) == 0) {
117 krb5_data data;
118
119 during = "decode_Ticket";
120 memset(&t, 0, sizeof (t));
121 ret = decode_Ticket(cred.ticket.data, cred.ticket.length, &t, &len);
122 if (ret == ASN1_MISSING_FIELD) {
123 krb5_free_cred_contents(context, &cred);
124 memset(&cred, 0, sizeof (cred));
125 continue;
126 }
127 if (ret) goto err;
128 if (t.enc_part.kvno) {
129 *t.enc_part.kvno = 0;
130 if (make_kvno_absent) {
131 free(t.enc_part.kvno);
132 t.enc_part.kvno = NULL;
133 }
134 /*
135 * The new Ticket has to need less or same space as before, so
136 * we reuse cred->icket.data.
137 */
138 during = "encode_Ticket";
139 ASN1_MALLOC_ENCODE(Ticket, data.data, data.length, &t, &len, ret);
140 if (ret) {
141 free_Ticket(&t);
142 goto err;
143 }
144 krb5_data_free(&cred.ticket);
145 cred.ticket = data;
146 }
147 free_Ticket(&t);
148 during = "cc_store_cred";
149 ret = krb5_cc_store_cred(context, dst_cc, &cred);
150 if (ret) goto err;
151 krb5_free_cred_contents(context, &cred);
152 memset(&cred, 0, sizeof (cred));
153 }
154 during = "cc_next_cred";
155 if (ret != KRB5_CC_END) goto err;
156
157 during = "cc_end_seq_get";
158 ret = krb5_cc_end_seq_get(context, src_cc, &cursor);
159 if (ret) goto err;
160
161 during = "cc_move";
162 ret = krb5_cc_move(context, dst_cc, src_cc);
163 if (ret) goto err;
164 dst_cc = NULL;
165
166 during = "cc_switch";
167 ret = krb5_cc_switch(context, src_cc);
168 if (ret) goto err;
169
170 err:
171 (void) krb5_free_principal(context, me);
172 if (src_cc)
173 (void) krb5_cc_close(context, src_cc);
174 if (dst_cc)
175 (void) krb5_cc_destroy(context, dst_cc);
176 if (ret) {
177 fprintf(stderr, "Failed while doing %s (%d)\n", during, ret);
178 ret = 1;
179 }
180 return (ret);
181 }
182
Heimdal