Security: Avoid NULL structure pointer member dereference
This can happen in the error path when processing malformed AS
requests with a NULL client name. Bug originally introduced on
Fri Feb 13 09:26:01 2015 +0100 in commit:
a873e21d7c
kdc: base _kdc_fast_mk_error() on krb5_mk_error_ext()
Original patch by Jeffrey Altman <jaltman@secure-endpoints.com>
This commit is contained in:
Viktor Dukhovni
@@ -2239,8 +2239,10 @@ out:
|
||||
&req->req_body,
|
||||
ret, r->e_text,
|
||||
r->server_princ,
|
||||
&r->client_princ->name,
|
||||
&r->client_princ->realm,
|
||||
r->client_princ ?
|
||||
&r->client_princ->name : NULL,
|
||||
r->client_princ ?
|
||||
&r->client_princ->realm : NULL,
|
||||
NULL, NULL,
|
||||
reply);
|
||||
if (ret)
|
||||
|
||||
Reference in New Issue
Block a user