Mailing List Archive

[Bug 2524] New: gssapi via cyrus_sasl broken, approx sicne c0fb53b74e07fd17247960c998ffcb1f3c9f931f
https://bugs.exim.org/show_bug.cgi?id=2524

Bug ID: 2524
Summary: gssapi via cyrus_sasl broken, approx sicne
c0fb53b74e07fd17247960c998ffcb1f3c9f931f
Product: Exim
Version: 4.93
Hardware: x86-64
OS: Linux
Status: NEW
Severity: bug
Priority: medium
Component: SMTP Authentication
Assignee: jgh146exb@wizmail.org
Reporter: sebastian.langenhorst@uni-paderborn.de
CC: exim-dev@exim.org

Created attachment 1273
--> https://bugs.exim.org/attachment.cgi?id=1273&action=edit
sting_copyn -> memcpy

We use gssapi-authentication via cyrus_sasl-lib, which broke when we tried to
use a 4.9X version with debian buster.

I could pinpoint it so commit c0fb53b74e07fd17247960c998ffcb1f3c9f931f, where
the previous memcpy got replaced by string_copyn.

Even though string_copyn would be a line-saving replacement for most cases, in
a gssapi-enviroment it unfortunately cuts down at the \0-char (Ustrncpy), which
causes only a copy of the first 15 chars.

This results in a always-failed authentication.

The patch reverts the single string_copyn-line back to the memcpy used before.

There should be no implications other than working gssapi via cyrus_sasl.

--
You are receiving this mail because:
You are on the CC list for the bug.
--
## List details at https://lists.exim.org/mailman/listinfo/exim-dev Exim details at http://www.exim.org/ ##