From 67c35bc1ca697f3577ef43b49c9956cdbbb4c6b1 Mon Sep 17 00:00:00 2001
From: Nicolas Williams <nico@twosigma.com>
Date: Mon, 2 Jan 2023 20:34:13 -0600
Subject: [PATCH] gsskrb5: Fix NULL deref in init_sec_context

---
 lib/gssapi/krb5/init_sec_context.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/lib/gssapi/krb5/init_sec_context.c b/lib/gssapi/krb5/init_sec_context.c
index a705d03a8..11721f4da 100644
--- a/lib/gssapi/krb5/init_sec_context.c
+++ b/lib/gssapi/krb5/init_sec_context.c
@@ -742,6 +742,9 @@ repl_mutual
     output_token->length = 0;
     output_token->value = NULL;
 
+    if (input_token == GSS_C_NO_BUFFER)
+        return GSS_S_FAILURE;
+
     if (actual_mech_type)
 	*actual_mech_type = GSS_KRB5_MECHANISM;