check return copy_Realm, copy_PrincipalName, copy_EncryptionKey

The ASN.1 functions copy_Realm(), copy_PrincipalName() and
copy_EncryptionKey() can fail.  Check the return and perform error
handling as appropriate.

Change-Id: I2b3629d19db96eb41d1cd554cef1dca99745e753

kdc/kerberos5.c

@@ -1946,7 +1946,9 @@ _kdc_as_rep(kdc_request_t r,
 	goto out;
 
     rep.ticket.tkt_vno = 5;
-    copy_Realm(&r->server->entry.principal->realm, &rep.ticket.realm);
+    ret = copy_Realm(&r->server->entry.principal->realm, &rep.ticket.realm);
+    if (ret)
+	goto out;
     _krb5_principal2principalname(&rep.ticket.sname,
 				  r->server->entry.principal);
     /* java 1.6 expects the name to be the same type, lets allow that
@@ -2111,8 +2113,12 @@ _kdc_as_rep(kdc_request_t r,
 	ALLOC(r->ek.renew_till);
 	*r->ek.renew_till = *r->et.renew_till;
     }
-    copy_Realm(&rep.ticket.realm, &r->ek.srealm);
-    copy_PrincipalName(&rep.ticket.sname, &r->ek.sname);
+    ret = copy_Realm(&rep.ticket.realm, &r->ek.srealm);
+    if (ret)
+	goto out;
+    ret = copy_PrincipalName(&rep.ticket.sname, &r->ek.sname);
+    if (ret)
+	goto out;
     if(r->et.caddr){
 	ALLOC(r->ek.caddr);
 	copy_HostAddresses(r->et.caddr, r->ek.caddr);

kdc/krb5tgs.c

@@ -807,15 +807,21 @@ tgs_make_reply(krb5_context context,
     if(ret)
 	goto out;
 
-    copy_Realm(&server_principal->realm, &rep.ticket.realm);
+    ret = copy_Realm(&server_principal->realm, &rep.ticket.realm);
+    if (ret)
+	goto out;
     _krb5_principal2principalname(&rep.ticket.sname, server_principal);
-    copy_Realm(&tgt_name->realm, &rep.crealm);
+    ret = copy_Realm(&tgt_name->realm, &rep.crealm);
+    if (ret)
+	goto out;
 /*
     if (f.request_anonymous)
 	_kdc_make_anonymous_principalname (&rep.cname);
     else */
 
-    copy_PrincipalName(&tgt_name->name, &rep.cname);
+    ret = copy_PrincipalName(&tgt_name->name, &rep.cname);
+    if (ret)
+	goto out;
     rep.ticket.tkt_vno = 5;
 
     ek.caddr = et.caddr;