* preauth.c (krb5_obtain_padata): Don't dereference a NULL pointer
authorTom Yu <tlyu@mit.edu>
Tue, 30 Jan 2001 22:40:54 +0000 (22:40 +0000)
committerTom Yu <tlyu@mit.edu>
Tue, 30 Jan 2001 22:40:54 +0000 (22:40 +0000)
if we receive an empty ETYPE_INFO preauth. [krb5-libs/903 from
craziboy77@hotmail.com]

* preauth2.c (krb5_do_preauth): Don't dereference a NULL pointer
if we receive an empty ETYPE_INFO preauth. [krb5-libs/903 from
craziboy77@hotmail.com]

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@12977 dc483132-0cff-0310-8789-dd5450dbe970

src/lib/krb5/krb/ChangeLog
src/lib/krb5/krb/preauth.c
src/lib/krb5/krb/preauth2.c

index d05ca178e2b8637986efa25117484fe2dd4b8a53..8c6f20a8cfc12a6f2074f66dd85c2f52f930eeb0 100644 (file)
@@ -1,3 +1,13 @@
+2001-01-30  Tom Yu  <tlyu@mit.edu>
+
+       * preauth.c (krb5_obtain_padata): Don't dereference a NULL pointer
+       if we receive an empty ETYPE_INFO preauth. [krb5-libs/903 from
+       craziboy77@hotmail.com]
+
+       * preauth2.c (krb5_do_preauth): Don't dereference a NULL pointer
+       if we receive an empty ETYPE_INFO preauth. [krb5-libs/903 from
+       craziboy77@hotmail.com]
+
 2001-01-30  Ezra Peisach  <epeisach@mit.edu>
 
        * rd_req_dec.c (krb5_rd_req_decrypt_tkt_part): Free
index 38aa820999def46e8616b1245b5474baf68d39bb..54f6a9539db45b3058e41935a30fa7f1433389b1 100644 (file)
@@ -172,6 +172,10 @@ krb5_error_code krb5_obtain_padata(context, preauth_to_use, key_proc,
            retval = decode_krb5_etype_info(&scratch, &etype_info);
            if (retval)
                return retval;
+           if (etype_info[0] == NULL) {
+               krb5_free_etype_info(context, etype_info);
+               etype_info = NULL;
+           }
        }
     }
 
index d3841988e0efe85740058a4561dc405120708a70..a637473823e20af28760f925018168e9017eb7ac 100644 (file)
@@ -530,6 +530,11 @@ krb5_do_preauth(krb5_context context,
                    }
                    return ret;
                }
+               if (etype_info[0] == NULL) {
+                   krb5_free_etype_info(context, etype_info);
+                   etype_info = NULL;
+                   break;
+               }
                salt->data = (char *) etype_info[0]->salt;
                salt->length = etype_info[0]->length;
                *etype = etype_info[0]->etype;