subject; krb5_do_preauth could attempt to free NULL pointer
authorEzra Peisach <epeisach@mit.edu>
Mon, 17 Jan 2005 17:32:26 +0000 (17:32 +0000)
committerEzra Peisach <epeisach@mit.edu>
Mon, 17 Jan 2005 17:32:26 +0000 (17:32 +0000)
commitdc57beffefe7df48e440887976fbbaefa71b828a
tree2ea5c8b302ec1453e862e50e313ab10aa93a32b7
parent2656e5e1e026f800559eed79dfcc58cd3da5d9a0
subject; krb5_do_preauth could attempt to free NULL pointer

* preauth2.c (krb5_do_preauth): Upon error in decoding
krb5_type_info{,2}, on failure, do not call krb5_free_type_info
with a null pointer.

The only way to reach this code is to set a preauth list requesting for ETYPE_INFO
 or ETYPE_INFO2 in a call to krb5_get_in_tkt_with_password.

Before sending the request, krb5_do_preauth tries to parse a NULL length asn1 buffer,
fails and tries to free a null pointer.

ticket: new

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17047 dc483132-0cff-0310-8789-dd5450dbe970
src/lib/krb5/krb/ChangeLog
src/lib/krb5/krb/preauth2.c