From 1ed0e3a2d8c572e54bb3068ddc116a3d56034a99 Mon Sep 17 00:00:00 2001
From: Julien Rische
Date: Wed, 17 Jan 2024 11:32:17 +0100
Subject: [PATCH] krb5 1.21.2-3 - Fix double free in klist's show_ccache() Resolves: rhbz#2257301 - Store krb5-tests files in architecture-specific directories Resolves: rhbz#2244601
Signed-off-by: Julien Rische
---
...move-klist-s-defname-global-variable.patch | 69 +++++++++++++++++++
krb5-tests | 7 +-
krb5.spec | 36 ++++++----
tests/upstream/test.sh | 7 +-
4 files changed, 100 insertions(+), 19 deletions(-)
create mode 100644 0017-Remove-klist-s-defname-global-variable.patch
diff --git a/0017-Remove-klist-s-defname-global-variable.patch b/0017-Remove-klist-s-defname-global-variable.patch
new file mode 100644
index 0000000..56beacc
--- /dev/null
+++ b/0017-Remove-klist-s-defname-global-variable.patch
@@ -0,0 +1,69 @@
+From c5cdf6f71621569c6c389be720937ac97ace988f Mon Sep 17 00:00:00 2001
+From: Julien Rische
+Date: Mon, 8 Jan 2024 16:52:27 +0100
+Subject: [PATCH] Remove klist's defname global variable
+
+Addition of a "cleanup" section in kinit's show_ccache() function as
+part of commit 6c5471176f5266564fbc8a7e02f03b4b042202f8 introduced a
+double-free bug, because defname is a global variable. After the
+first call, successive calls may take place with a dangling pointer in
+defname, which will be freed if krb5_cc_get_principal() fails.
+
+Convert "defname" to a local variable initialized at the beginning of
+show_ccache().
+
+[ghudson@mit.edu: edited commit message]
+---
+ src/clients/klist/klist.c | 8 ++++----
+ 1 file changed, 4 insertions(+), 4 deletions(-)
+
+diff --git a/src/clients/klist/klist.c b/src/clients/klist/klist.c
+index 43392d2337..394c75b6b7 100644
+--- a/src/clients/klist/klist.c
++++ b/src/clients/klist/klist.c
+@@ -53,7 +53,6 @@ int show_flags = 0, show_time = 0, status_only = 0, show_keys = 0;
+ int show_etype = 0, show_addresses = 0, no_resolve = 0, print_version = 0;
+ int show_adtype = 0, show_all = 0, list_all = 0, use_client_keytab = 0;
+ int show_config = 0;
+-char *defname;
+ char *progname;
+ krb5_timestamp now;
+ unsigned int timestamp_width;
+@@ -62,7 +61,7 @@ krb5_context context;
+
+ static krb5_boolean is_local_tgt(krb5_principal princ, krb5_data *realm);
+ static char *etype_string(krb5_enctype );
+-static void show_credential(krb5_creds *);
++static void show_credential(krb5_creds *, const char *);
+
+ static void list_all_ccaches(void);
+ static int list_ccache(krb5_ccache);
+@@ -473,6 +472,7 @@ show_ccache(krb5_ccache cache)
+ krb5_creds creds;
+ krb5_principal princ = NULL;
+ krb5_error_code ret;
++ char *defname = NULL;
+ int status = 1;
+
+ ret = krb5_cc_get_principal(context, cache, &princ);
+@@ -503,7 +503,7 @@ show_ccache(krb5_ccache cache)
+ }
+ while ((ret = krb5_cc_next_cred(context, cache, &cur, &creds)) == 0) {
+ if (show_config || !krb5_is_config_principal(context, creds.server))
+- show_credential(&creds);
++ show_credential(&creds, defname);
+ krb5_free_cred_contents(context, &creds);
+ }
+ if (ret == KRB5_CC_END) {
+@@ -676,7 +676,7 @@ print_config_data(int col, krb5_data *data)
+ }
+
+ static void
+-show_credential(krb5_creds *cred)
++show_credential(krb5_creds *cred, const char *defname)
+ {
+ krb5_error_code ret;
+ krb5_ticket *tkt = NULL;
+--
+2.41.0
+
diff --git a/krb5-tests b/krb5-tests
index beaeb2b..6754f3f 100644
--- a/krb5-tests
+++ b/krb5-tests
@@ -12,6 +12,7 @@ trap "rm -rf ${testdir}" EXIT
 build_flags="$(eval "echo $(rpm --eval '%{_smp_mflags}')")"
-cp -rp /usr/share/{{ name }}-tests "${testdir}/"
-make -C "${testdir}/{{ name }}-tests" $build_flags
-keyctl session - make -C "${testdir}/{{ name }}-tests" check
+mkdir "${testdir}/{{ name }}-tests"
+cp -rp /usr/share/{{ name }}-tests/{{ arch }} "${testdir}/{{ name }}-tests/"
+make -C "${testdir}/{{ name }}-tests/{{ arch }}/" $build_flags
+keyctl session - make -C "${testdir}/{{ name }}-tests/{{ arch }}/" check
diff --git a/krb5.spec b/krb5.spec
index f86039c..555ded5 100644
--- a/krb5.spec
+++ b/krb5.spec
@@ -10,7 +10,7 @@ # # baserelease is what we have standardized across Fedora and what # rpmdev-bumpspec knows how to handle.
-%global baserelease 2
+%global baserelease 3
 # This should be e.g. beta1 or %%nil
 %global pre_release %nil
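Review bot: The new file 0017-Remove-klist-s-defname-global-variable.patch is added to the repository, but none of the krb5.spec hunks in this commit declares it as a patch. The three spec hunks shown account for all 36 changed lines in the diffstat and hold only the baserelease bump, the tests-path changes and the changelog entry. Unless the spec picks patches up through a mechanism not visible on this page, the 1.21.2-3 build would advertise the show_ccache() double-free fix (rhbz#2257301) without applying it. Add the matching entry to the spec's patch list, for example `PatchNNNN: 0017-Remove-klist-s-defname-global-variable.patch` (placeholder tag; follow the file's own numbering). Within the patch, the `cleanup` section that frees `defname` lies outside the quoted hunks of show_ccache(), so the fix itself can only be confirmed against the full klist.c.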
@@ -489,37 +489,37 @@ rm -- "$RPM_BUILD_ROOT/%{_docdir}/krb5-libs/examples/services.append"
 rm -- "$RPM_BUILD_ROOT/%{_libdir}/krb5/plugins/preauth/test.so"
 # Generate tests launching script
-sed -e 's/{{ name }}/%{name}/' \
- -e 's/{{ version }}/%{krb5_version}/' \
- -e 's/{{ release }}/%{krb5_release}/' \
- -e 's/{{ arch }}/%{_arch}/' \
+sed -e 's/{{ name }}/%{name}/g' \
+ -e 's/{{ version }}/%{krb5_version}/g' \
+ -e 's/{{ release }}/%{krb5_release}/g' \
+ -e 's/{{ arch }}/%{_arch}/g' \
 -i %{SOURCE15}
 mkdir -p $RPM_BUILD_ROOT%{_libexecdir}
-install -pm 755 %{SOURCE15} $RPM_BUILD_ROOT%{_libexecdir}/
+install -pm 755 %{SOURCE15} $RPM_BUILD_ROOT%{_libexecdir}/%{name}-tests-%{_arch}
 # Copy source files from build folder to system data folder
-install -pdm 755 $RPM_BUILD_ROOT%{_datarootdir}/%{name}-tests
+install -pdm 755 $RPM_BUILD_ROOT%{_datarootdir}/%{name}-tests/%{_arch}
 pushd src
-cp -p --parents -t "$RPM_BUILD_ROOT%{_datarootdir}/%{name}-tests/" \
+cp -p --parents -t "$RPM_BUILD_ROOT%{_datarootdir}/%{name}-tests/%{_arch}/" \
 $(find . -type f -exec file -i "{}" + \
 | sed -ne 's|^\./\([^:]\+\): \+text/.\+$|\1|p')
 popd
 # Copy binary test files
 install -pm 644 src/tests/pkinit-certs/*.p12 \
- "$RPM_BUILD_ROOT%{_datarootdir}/%{name}-tests/tests/pkinit-certs/"
+ "$RPM_BUILD_ROOT%{_datarootdir}/%{name}-tests/%{_arch}/tests/pkinit-certs/"
 install -pm 644 src/tests/au_dict.json \
- "$RPM_BUILD_ROOT%{_datarootdir}/%{name}-tests/tests/"
+ "$RPM_BUILD_ROOT%{_datarootdir}/%{name}-tests/%{_arch}/tests/"
 # Unset executable bit if no shebang in script
-for f in $(find "$RPM_BUILD_ROOT%{_datarootdir}/%{name}-tests/" -type f -executable)
+for f in $(find "$RPM_BUILD_ROOT%{_datarootdir}/%{name}-tests/%{_arch}/" -type f -executable)
 do
 head -n1 "$f" | grep -Eq '^#!' || chmod a-x "$f"
 done
 # Remove broken shebang Perl scripts
-rm -- "$RPM_BUILD_ROOT%{_datarootdir}/%{name}-tests/config/wconfig.pl"
-rm -- "$RPM_BUILD_ROOT%{_datarootdir}/%{name}-tests/kadmin/kdbkeys/do-test.pl"
+rm -- "$RPM_BUILD_ROOT%{_datarootdir}/%{name}-tests/%{_arch}/config/wconfig.pl"
+rm -- "$RPM_BUILD_ROOT%{_datarootdir}/%{name}-tests/%{_arch}/kadmin/kdbkeys/do-test.pl"
 %find_lang %{gettext_domain}
@@ -707,10 +707,16 @@ exit 0
 %{_libdir}/libkadm5srv_mit.so.*
 %files tests
-%{_libexecdir}/%{name}-tests
-%{_datarootdir}/%{name}-tests/
+%{_libexecdir}/%{name}-tests-%{_arch}
+%{_datarootdir}/%{name}-tests/%{_arch}
 %changelog
+* Wed Jan 17 2024 Julien Rische - 1.21.2-3
+- Fix double free in klist's show_ccache()
+ Resolves: rhbz#2257301
+- Store krb5-tests files in architecture-specific directories
+ Resolves: rhbz#2244601
+
 * Tue Oct 10 2023 Julien Rische - 1.21.2-2
 - Use SPDX expression for license tag
 - Fix unimportant memory leaks
diff --git a/tests/upstream/test.sh b/tests/upstream/test.sh
index 9c5abc5..fd4aeeb 100755
--- a/tests/upstream/test.sh
+++ b/tests/upstream/test.sh
@@ -1,2 +1,7 @@
 #!/bin/sh -eux
-/usr/libexec/krb5-tests
+rc=0
+for test_exec in /usr/libexec/krb5-tests-*
+do
+ "$test_exec" || rc=1
+done
+exit $rc
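Review bot: In the `%files tests` hunk the package now lists only `%{_datarootdir}/%{name}-tests/%{_arch}`, so the parent directory `%{_datarootdir}/%{name}-tests` is no longer owned by any entry shown here. That parent is created by the `install -pdm 755` line in the earlier hunk and was previously covered by the entry `%{_datarootdir}/%{name}-tests/`. Adding `%dir %{_datarootdir}/%{name}-tests` next to the arch-specific entry would let each architecture's tests subpackage co-own the parent, so it is tracked and removed with the last of them.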