From: Tom Yu <tlyu@mit.edu>
Date: Mon, 28 Sep 2009 20:44:23 +0000 (+0000)
Subject: pull up r22413, r22410 from trunk
X-Git-Tag: krb5-1.7.1-beta1~39
X-Git-Url: http://git.tremily.us/gitweb.cgi?a=commitdiff_plain;h=e305ced680579fb9788765b19085184192abfce7;p=krb5.git

pull up r22413, r22410 from trunk

 ------------------------------------------------------------------------
 r22413 | epeisach | 2009-06-17 13:51:31 -0400 (Wed, 17 Jun 2009) | 5 lines

 ticket: 6512

 In the previous patch - I neglected a potential NULL deref in the call
 to krb5int_yarrow_cipher_final.  Trivial fix.
 ------------------------------------------------------------------------
 r22410 | epeisach | 2009-06-11 13:01:13 -0400 (Thu, 11 Jun 2009) | 7 lines

 subject:  krb5int_yarrow_final could deref NULL if out of memory
 ticket: 6512
  krb5int_yarrow_final tests if the Yarrow_CTX* is valid (not NULL) -
  and if not - signals and error for return - but still invokes
  mem_zero (memset) with it as an argument.  This will only happen in
  an out-of-memory situation.

ticket: 6512
version_fixed: 1.7.1
status: resolved

git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-7@22799 dc483132-0cff-0310-8789-dd5450dbe970
---

diff --git a/src/lib/crypto/yarrow/yarrow.c b/src/lib/crypto/yarrow/yarrow.c
index b52057daa..e1f2ecdc6 100644
--- a/src/lib/crypto/yarrow/yarrow.c
+++ b/src/lib/crypto/yarrow/yarrow.c
@@ -917,8 +917,11 @@ int krb5int_yarrow_final(Yarrow_CTX* y)
 #endif
 
  CATCH:
-    krb5int_yarrow_cipher_final(&y->cipher);
-    mem_zero( y, sizeof(Yarrow_CTX) );
+    if ( y )
+    {
+	krb5int_yarrow_cipher_final(&y->cipher);
+	mem_zero( y, sizeof(Yarrow_CTX) );
+    }
     if ( locked ) { TRY( UNLOCK() ); }
     EXCEP_RET;
 }