oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

Fix missing error checking in lib/krb5/pkinit.c

Browse Source
This commit is contained in:
Nicolas Williams
2019-07-04 23:40:52 -05:00
parent 44677c01ae
commit 5e270a8914
1 changed files with 11 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
lib/krb5/pkinit.c
View File

@@ -719,7 +719,7 @@ pk_mk_padata(krb5_context context,
free(buf.data); free(buf.data);
if (ret == 0) if (ret == 0)
krb5_padata_add(context, md, KRB5_PADATA_PK_AS_09_BINDING, NULL, 0); ret = krb5_padata_add(context, md, KRB5_PADATA_PK_AS_09_BINDING, NULL, 0);
out: out:
free_ContentInfo(&content_info); free_ContentInfo(&content_info);
@@ -2387,10 +2387,15 @@ krb5_get_init_creds_opt_set_pkinit(krb5_context context,
opt->opt_private->pk_init_ctx->id->flags |= PKINIT_BTMM; opt->opt_private->pk_init_ctx->id->flags |= PKINIT_BTMM;
if (opt->opt_private->pk_init_ctx->id->certs) { if (opt->opt_private->pk_init_ctx->id->certs) {
_krb5_pk_set_user_id(context, ret = _krb5_pk_set_user_id(context,
principal, principal,
opt->opt_private->pk_init_ctx, opt->opt_private->pk_init_ctx,
opt->opt_private->pk_init_ctx->id->certs); opt->opt_private->pk_init_ctx->id->certs);
if (ret) {
free(opt->opt_private->pk_init_ctx);
opt->opt_private->pk_init_ctx = NULL;
return ret;
}
} else } else
opt->opt_private->pk_init_ctx->id->cert = NULL; opt->opt_private->pk_init_ctx->id->cert = NULL;
@@ -2449,9 +2454,7 @@ krb5_get_init_creds_opt_set_pkinit_user_certs(krb5_context context,
return EINVAL; return EINVAL;
} }
_krb5_pk_set_user_id(context, NULL, opt->opt_private->pk_init_ctx, certs); return _krb5_pk_set_user_id(context, NULL, opt->opt_private->pk_init_ctx, certs);
return 0;
#else #else
krb5_set_error_message(context, EINVAL, krb5_set_error_message(context, EINVAL,
N_("no support for PKINIT compiled in", "")); N_("no support for PKINIT compiled in", ""));