projects / krb5.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: d4e7d83)
krb5_gss_acquire_cred will deref garbage pointer if actual_mechs is NULL
authorEzra Peisach <epeisach@mit.edu>
Sun, 3 Jan 2010 15:14:51 +0000 (15:14 +0000)
committerEzra Peisach <epeisach@mit.edu>
Sun, 3 Jan 2010 15:14:51 +0000 (15:14 +0000)
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23572 dc483132-0cff-0310-8789-dd5450dbe970

src/lib/gssapi/krb5/acquire_cred.c patch | blob | history

diff --git a/src/lib/gssapi/krb5/acquire_cred.c b/src/lib/gssapi/krb5/acquire_cred.c
index 64efa1bfd069aaa025be6907dfa8d5c4f3a00d9f..2ccf7dbf37c3f3a4502e981caad82fd2507e7d52 100644 (file)
--- a/src/lib/gssapi/krb5/acquire_cred.c
+++ b/src/lib/gssapi/krb5/acquire_cred.c
@@ -465,7 +465,7 @@ krb5_gss_acquire_cred(minor_status, desired_name, time_req,
     krb5_context context;
     size_t i;
     krb5_gss_cred_id_t cred;
-    gss_OID_set ret_mechs;
+    gss_OID_set ret_mechs = NULL;
     int req_old, req_new;
     OM_uint32 ret;
     krb5_error_code code;
@@ -693,8 +693,10 @@ krb5_gss_acquire_cred(minor_status, desired_name, time_req,
     /* intern the credential handle */
 
     if (! kg_save_cred_id((gss_cred_id_t) cred)) {
-        free(ret_mechs->elements);
-        free(ret_mechs);
+        if (ret_mechs) {
+            free(ret_mechs->elements);
+            free(ret_mechs);
+        }
         if (cred->ccache)
             (void)krb5_cc_close(context, cred->ccache);
 #ifndef LEAN_CLIENT
MIT implementation of the Kerberos network authentication protocol. This repo may be rebased, so don't base your work on it. Use git://github.com/krb5/krb5 instead.