From: Ezra Peisach Date: Thu, 11 Jun 2009 17:01:13 +0000 (+0000) Subject: krb5int_yarrow_final could deref NULL if out of memory X-Git-Tag: krb5-1.8-alpha1~437 X-Git-Url: http://git.tremily.us/?a=commitdiff_plain;h=2ba32d69322ac7d2b1b8c7b02d996f2ec02d9e59;p=krb5.git krb5int_yarrow_final could deref NULL if out of memory krb5int_yarrow_final tests if the Yarrow_CTX* is valid (not NULL) - and if not - signals and error for return - but still invokes mem_zero (memset) with it as an argument. This will only happen in an out-of-memory situation. ticket: 6512 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22410 dc483132-0cff-0310-8789-dd5450dbe970 --- diff --git a/src/lib/crypto/yarrow/yarrow.c b/src/lib/crypto/yarrow/yarrow.c index b52057daa..9e3c91588 100644 --- a/src/lib/crypto/yarrow/yarrow.c +++ b/src/lib/crypto/yarrow/yarrow.c @@ -918,7 +918,8 @@ int krb5int_yarrow_final(Yarrow_CTX* y) CATCH: krb5int_yarrow_cipher_final(&y->cipher); - mem_zero( y, sizeof(Yarrow_CTX) ); + if ( y ) + mem_zero( y, sizeof(Yarrow_CTX) ); if ( locked ) { TRY( UNLOCK() ); } EXCEP_RET; }