From 314868c108522bcb44e673c6d9ea3545d573d38c Mon Sep 17 00:00:00 2001
From: Ezra Peisach <epeisach@mit.edu>
Date: Mon, 23 Oct 1995 16:07:56 +0000
Subject: [PATCH]  rd_req_dec.c (krb5_rd_req_decoded): For heirarchal
 cross-realm, 		set the length after initializing string.

 rd_req.c (krb5_rd_req): If a new auth_context is created
		and then there is an error, make sure return pointer is not
		looking at freed memory.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@6981 dc483132-0cff-0310-8789-dd5450dbe970
---
 src/lib/krb5/krb/ChangeLog    | 10 ++++++++++
 src/lib/krb5/krb/rd_req.c     |  4 +++-
 src/lib/krb5/krb/rd_req_dec.c |  2 +-
 3 files changed, 14 insertions(+), 2 deletions(-)

diff --git a/src/lib/krb5/krb/ChangeLog b/src/lib/krb5/krb/ChangeLog
index 453660d5c..4576a03b7 100644
--- a/src/lib/krb5/krb/ChangeLog
+++ b/src/lib/krb5/krb/ChangeLog
@@ -1,3 +1,13 @@
+Mon Oct 23 11:09:56 1995  Ezra Peisach  <epeisach@kangaroo.mit.edu>
+
+	* rd_req_dec.c (krb5_rd_req_decoded): For heirarchal cross-realm,
+		set the length after initializing string.
+
+	* rd_req.c (krb5_rd_req): If a new auth_context is created
+		and then there is an error, make sure return pointer is not
+		looking at freed memory.
+
+
 Fri Oct  6 22:04:42 1995  Theodore Y. Ts'o  <tytso@dcl>
 
 	* Makefile.in: Remove ##DOS!include of config/windows.in.
diff --git a/src/lib/krb5/krb/rd_req.c b/src/lib/krb5/krb/rd_req.c
index 9ed6eb2c9..e46b3bd91 100644
--- a/src/lib/krb5/krb/rd_req.c
+++ b/src/lib/krb5/krb/rd_req.c
@@ -98,8 +98,10 @@ krb5_rd_req(context, auth_context, inbuf, server, keytab,
         (void) krb5_kt_close(context, new_keytab);
 
 cleanup_auth_context:
-    if (new_auth_context && retval)
+    if (new_auth_context && retval) {
 	krb5_auth_con_free(context, new_auth_context);
+	*auth_context = NULL;
+    }
 
 cleanup_request:
     krb5_free_ap_req(context, request);
diff --git a/src/lib/krb5/krb/rd_req_dec.c b/src/lib/krb5/krb/rd_req_dec.c
index c5637d4c1..5167701d0 100644
--- a/src/lib/krb5/krb/rd_req_dec.c
+++ b/src/lib/krb5/krb/rd_req_dec.c
@@ -197,8 +197,8 @@ krb5_rd_req_decoded(context, auth_context, req, server, keytab,
       	 * and the local realm.                                        
   	 */
       	if (trans->tr_contents.data && trans->tr_contents.data[0]) {
-            lrealm.length = strlen(lrealm.data);
             krb5_get_default_realm(context, &(lrealm.data));
+            lrealm.length = strlen(lrealm.data);
             retval = krb5_check_transited_list(context, &(trans->tr_contents), 
 					       realm, &lrealm);
             free(lrealm.data);
-- 
2.26.2