A fix is available
APAR status
Closed as program error.
Error description
5697E9300 DFHMN0001 reports ABEND0C4 in module DFHMNSVC due to Monitoring Domain Anchor Control Block (MNACB) being overlaid. Failing instruction is a store instruction at offset x'A26'. The MNACB was overlaid by DFHXSSI. DFHXSSI is at base level and has overlaid the MNACB by overrunning the end of DFHXSSSANCHOR. DFHXSSI was calling IRRSMK00 via xssi_obtain_kerberos_principal call. The external security manager passes back KERB_FLD_NAME and KERB_FLD_LEN where KERB_FLD_NAME was an eroneous value of x'40404040' and KERB_FLD_LEN was x'00000000'. KERB_FLD_NAME was eroneous due to a bad profile in the security manager containing bad value in KERBCURV field. This is being pursued via the security manager. DFHXSSI realizes KERB_FLD_NAME has been passed back and correctly tries to copy it via EX (execute) command at offset x'78E'. KERB_FLD_LEN is decremented by one just prior to processing the execute command which in turn processes a MVC command to do the copy. KERB_FLD_LEN becomes x'FFFFFFFF' (negative) and lower byte is used for the length of the move. Thus, 255 bytes are being moved causing the overlay. DFHXSSI needs to check KERB_FLD_LEN for zeros to protect itself from potentially overlaying storage. . ADDITIONAL KEYWORDS: MNACB_HASH_HEAD contains zeroes xsss_kerberos_principal_len xsss_kerberos_principal DFHMNSU
Local fix
Problem summary
**************************************************************** * USERS AFFECTED: All. * **************************************************************** * PROBLEM DESCRIPTION: Abend 0C4 in DFHMNSVC. * **************************************************************** * RECOMMENDATION: * **************************************************************** During security initialisation a call is made to IRRSMK00 to extract the kerberos principal name. Once the call is made the returned data is scanned for "NAME" (the principal name variable) following the "NAME" should be a length and then the actual principal name. In this case the actual name is missing and the length is zero. There is no check for this and a move is executed for a zero length-1 which actually moves 256 bytes. The area within DFHXSSI storage for the principal name is only 240 bytes long so 16 bytes of storage are overwritten. In this case some of the storage belongs to DFHMNSVC and this causes an abend 0C4. Additional keywords: S0C4 abendS0C4
Problem conclusion
DFHXSSI has been changed in xssi_obtain_kerberos_principal to only move between 1 and Length(xsss_kerberos_principal) bytes of data.
Temporary fix
FIX AVAILABLE BY PTF ONLY
Comments
APAR Information
APAR number
PK07250
Reported component name
CICSTS 3.1 Z/OS
Reported component ID
5655M1500
Reported release
400
Status
CLOSED PER
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt
Submitted date
2005-06-14
Closed date
2005-07-04
Last modified date
2005-08-01
APAR is sysrouted FROM one or more of the following:
PK05185
APAR is sysrouted TO one or more of the following:
UK05143
Modules/Macros
DESXSSI DFHXSSI
Fix information
Fixed component name
CICSTS 3.1 Z/OS
Fixed component ID
5655M1500
Applicable component levels
R400 PSY UK05143
UP05/07/12 P F507
Fix is available
Select the PTF appropriate for your component level. You will be required to sign in. Distribution on physical media is not available in all countries.
[{"Business Unit":{"code":"BU058","label":"IBM Infrastructure w\/TPS"},"Product":{"code":"SSGMGV","label":"CICS Transaction Server"},"Component":"","ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"3.1","Edition":"","Line of Business":{"code":"LOB35","label":"Mainframe SW"}},{"Business Unit":{"code":"BU054","label":"Systems w\/TPS"},"Product":{"code":"SG19M","label":"APARs - z\/OS environment"},"Component":"","ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"3.1","Edition":"","Line of Business":{"code":"","label":""}}]
Document Information
Modified date:
01 August 2005