On Sun, 2005-02-13 at 09:06 +1100, Luke Howard wrote: > >So gssapi_krb5_set_error_string() should always call strdup(), to ensure > >that when gssapi_krb5_get_error_string() is called, the caller can own > >the string, right? > > > >Or is the assumption that the kerberos layer has made a similar promise, > >and the kerberos error routines should call strdup()? > > See krb5_vset_error_string() in lib/krb5/error_string.c. It uses > vasprintf(). > > Interestingly if vasprintf() it fails then it falls back to using a > static buffer inside the krb5_context. Perhaps this is the cause of > the prolbem you are seeing. Ahh, thanks for pointing that out, I hadn't seen the asprintf(), only the subsequent vsnprinf(). It wasn't an error I was seeing in real life, just as I read over the code, something triggered in my brain as 'that doesn't look right'. (I saw the krb5_clear_error_string() workaround, and then the lack of such a workaround elsewhere). Andrew Bartlett -- Andrew Bartlett http://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org Student Network Administrator, Hawker College http://hawkerc.net
This is a digitally signed message part