* preauth2.c (krb5_do_preauth): Upon error in decoding
krb5_type_info{,2}, on failure, do not call krb5_free_type_info
with a null pointer.
The only way to reach this code is to set a preauth list requesting for ETYPE_INFO
or ETYPE_INFO2 in a call to krb5_get_in_tkt_with_password.
Before sending the request, krb5_do_preauth tries to parse a NULL length asn1 buffer,
fails and tries to free a null pointer.
ticket: new
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17047
dc483132-0cff-0310-8789-
dd5450dbe970
+2005-01-17 Ezra Peisach <epeisach@mit.edu>
+
+ * preauth2.c (krb5_do_preauth): Upon error in decoding
+ krb5_type_info{,2}, on failure, do not call krb5_free_type_info
+ with a null pointer.
+
2005-01-15 Jeffrey Altman <jaltman@mit.edu>
* cp_key_cnt.c, copy_princ.c:
else ret = decode_krb5_etype_info(&scratch, &etype_info);
if (ret) {
ret = 0; /*Ignore error and etype_info element*/
- krb5_free_etype_info( context, etype_info);
+ if (etype_info)
+ krb5_free_etype_info( context, etype_info);
etype_info = NULL;
continue;
}