From 1d2a17eca0c14d145d272e3d5958e44e1285af65 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Love=20H=C3=B6rnquist=20=C3=85strand?= <lha@kth.se>
Date: Thu, 1 Jun 2006 10:55:28 +0000
Subject: [PATCH] (tgs_rep2): check for memory alloc failure

git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@17597 ec53bebd-3082-4978-b11e-865c3cabbd6b
---
 kdc/kerberos5.c | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/kdc/kerberos5.c b/kdc/kerberos5.c
index dac57c0ba..70c4b59d9 100644
--- a/kdc/kerberos5.c
+++ b/kdc/kerberos5.c
@@ -2245,12 +2245,18 @@ tgs_rep2(krb5_context context,
 	krb5_crypto_destroy(context, crypto);
 	if(ret){
 	    krb5_auth_con_free(context, ac);
-	    kdc_log(context, config, 0, "Failed to decrypt enc-authorization-data");
+	    kdc_log(context, config, 0, 
+		    "Failed to decrypt enc-authorization-data");
 	    ret = KRB5KRB_AP_ERR_BAD_INTEGRITY; /* ? */
 	    goto out2;
 	}
 	krb5_free_keyblock(context, subkey);
 	ALLOC(auth_data);
+	if (auth_data == NULL) {
+	    krb5_auth_con_free(context, ac);
+	    ret = KRB5KRB_AP_ERR_BAD_INTEGRITY; /* ? */
+	    goto out2;
+	}
 	ret = decode_AuthorizationData(ad.data, ad.length, auth_data, NULL);
 	if(ret){
 	    krb5_auth_con_free(context, ac);