Description of problem:
selinux-label patch adds code that does not compute buffer size correctly (a typical off-by-one error). This will at best corrupt heap whenever the code is executed.

Version-Release number of selected component (if applicable):
krb5-workstation-1.6.2-11.fc8
krb5-1.6.1-17.el5 is affected as well.

How reproducible:
100%

Steps to Reproduce:
1. have selinux enabled.
2. try transferring a file from a local directory so that path does not start with /.
3. watch heap being corrupted (MALLOC_CHECK_=2 helps to see it already at the first time).

Additional info:
Patch will be attached.
Created attachment 297075
One-line patch

Trivial fix.
Bug present also in ftp program as distributed with krb5-1.6.2-13.fc8
Going to include the fix in 1.6.2-14, leaving open until it's pushed as an update.
krb5-1.6.2-14.fc8 has been submitted as an update for Fedora 8
krb5-1.6.2-14.fc8 has been pushed to the Fedora 8 stable repository. If problems still persist, please make note of it in this bug report.
The bug appears to be gone in krb5-1.6.2-14.fc8
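The kind of sizing mistake the report describes, shown as an added illustration that is not the code of the krb5 selinux-label patch. It assumes the affected code joins the working directory and a relative path into one heap buffer; all function names are hypothetical.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical helpers for illustration; not taken from the krb5 patch. */

/* Off-by-one sizing: reserves one extra byte, which covers either the
 * '/' separator or the terminating '\0', but not both. */
size_t abs_path_size_buggy(const char *cwd, const char *path)
{
    return strlen(cwd) + strlen(path) + 1;
}

/* Correct sizing: cwd + '/' + path + '\0' for a relative path,
 * path + '\0' when the path is already absolute. */
size_t abs_path_size(const char *cwd, const char *path)
{
    if (path[0] == '/')
        return strlen(path) + 1;
    return strlen(cwd) + 1 + strlen(path) + 1;
}

/* Build an absolute path in a freshly allocated buffer. The write is
 * bounded by snprintf, and the written length is checked against the
 * computed size so a sizing mistake fails closed instead of overflowing. */
char *make_absolute(const char *cwd, const char *path)
{
    size_t size = abs_path_size(cwd, path);
    char *buf = malloc(size);
    int n;

    if (buf == NULL)
        return NULL;
    if (path[0] == '/')
        n = snprintf(buf, size, "%s", path);
    else
        n = snprintf(buf, size, "%s/%s", cwd, path);
    if (n < 0 || (size_t)n + 1 != size) {
        free(buf);
        return NULL;
    }
    return buf;
}

int main(void)
{
    /* Constructed sample input. */
    char *p = make_absolute("/home/user", "file.txt");
    printf("%s\n", p ? p : "(allocation failed)");
    free(p);
    return 0;
}
```

With the buggy size, an unbounded `sprintf` or `strcpy`/`strcat` sequence would write the terminating NUL one byte past the allocation, and only on the relative-path branch, which matches the reproduction condition in the report.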