CCAPI v2 support crash when client or server strings are NULL

The CCAPI v2 support will crash if passed in a krb5 credential with
the client or server principal strings set to NULL.  Since CCAPI v3+
support checks for this we should check in CCAPI v2.

ticket: new

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20260 dc483132-0cff-0310-8789-dd5450dbe970

diff --git a/src/ccapi/common/cci_cred_union.c b/src/ccapi/common/cci_cred_union.c
index 902013dec14cb35ac3821a42ecd6a0d8b95b9b28..ae99f88b89be038f57c1e1ec1dbb71dd50882de8 100644 (file)
--- a/src/ccapi/common/cci_cred_union.c
+++ b/src/ccapi/common/cci_cred_union.c
@@ -871,13 +871,21 @@ cc_uint32 cci_credentials_union_to_cred_union (const cc_credentials_union  *in_c
             }
             
             if (!err) {
-                compat_v5creds->client = strdup (v5creds->client);
-                if (!compat_v5creds->client) { err = cci_check_error (ccErrNoMem); }
+                if (!v5creds->client) { 
+                    err = cci_check_error (ccErrBadParam);
+                } else {
+                    compat_v5creds->client = strdup (v5creds->client);
+                    if (!compat_v5creds->client) { err = cci_check_error (ccErrNoMem); }
+                }
             }
             
             if (!err) {
-                compat_v5creds->server = strdup (v5creds->server);
-                if (!compat_v5creds->server) { err = cci_check_error (ccErrNoMem); }
+                if (!v5creds->server) { 
+                    err = cci_check_error (ccErrBadParam);
+                } else {
+                    compat_v5creds->server = strdup (v5creds->server);
+                    if (!compat_v5creds->server) { err = cci_check_error (ccErrNoMem); }
+                }
             }
             
             if (!err) {
@@ -987,13 +995,21 @@ cc_uint32 cci_cred_union_to_credentials_union (const cred_union      *in_cred_un
             }
             
             if (!err) {
-                v5creds->client = strdup (compat_v5creds->client);
-                if (!v5creds->client) { err = cci_check_error (ccErrNoMem); }
+                if (!compat_v5creds->client) { 
+                    err = cci_check_error (ccErrBadParam);
+                } else {
+                    v5creds->client = strdup (compat_v5creds->client);
+                    if (!v5creds->client) { err = cci_check_error (ccErrNoMem); }
+                }
             }
             
             if (!err) {
-                v5creds->server = strdup (compat_v5creds->server);
-                if (!v5creds->server) { err = cci_check_error (ccErrNoMem); }
+                if (!compat_v5creds->server) { 
+                    err = cci_check_error (ccErrBadParam);
+                } else {
+                    v5creds->server = strdup (compat_v5creds->server);
+                    if (!v5creds->server) { err = cci_check_error (ccErrNoMem); }
+                }
             }
             
             if (!err) {
@@ -1077,7 +1093,7 @@ cc_uint32 cci_cred_union_compare_to_credentials_union (const cred_union
             }
             
         } else if (in_cred_union_compat->cred_type == CC_CRED_V5 && 
-               in_credentials_union->version == cc_credentials_v5) {
+                   in_credentials_union->version == cc_credentials_v5) {
             cc_credentials_v5_compat *old_creds_v5 = in_cred_union_compat->cred.pV5Cred;
             cc_credentials_v5_t *new_creds_v5 = in_credentials_union->credentials.credentials_v5;