Apply Apple patch to null out key->contents after freeing on failure,

eliminating the possibility that the pointer will be used after free.

ticket: 6247

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20961 dc483132-0cff-0310-8789-dd5450dbe970

diff --git a/src/lib/crypto/string_to_key.c b/src/lib/crypto/string_to_key.c
index 03165ab25d5886e5cc75a7580fec756954081d3e..71d9db650197c412bc8c2314fa2e5d873b21f18b 100644 (file)
--- a/src/lib/crypto/string_to_key.c
+++ b/src/lib/crypto/string_to_key.c
@@ -93,6 +93,8 @@ krb5_c_string_to_key_with_params(krb5_context context, krb5_enctype enctype,
     if (ret) {
        memset(key->contents, 0, keylength);
        free(key->contents);
+       key->length = 0;
+       key->contents = NULL;
     }
 
     return(ret);