From 8ed36cee5c533d55cd7fb1705c6a20fbb2dc5ca6 Mon Sep 17 00:00:00 2001
From: Andrew Bartlett <abartlet@samba.org>
Date: Wed, 24 Nov 2021 17:23:09 +1300
Subject: [PATCH] =?UTF-8?q?kdc:=20Fix=20=E2=80=98header=5Fkey=E2=80=99=20m?=
 =?UTF-8?q?ay=20be=20used=20uninitialized=20in=20this=20function?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

krb5tgs.c: In function ‘_kdc_tgs_rep’:
krb5tgs.c:1785:25: warning: ‘header_key’ may be used uninitialized in this function [-Wmaybe-uninitialized]
 1785 |       &tkey_check->key, &tkey_check->key, tgt, &kdc_issued, &mspac);
      |                         ^~~~~~~~~~~~~~~~
krb5tgs.c:2302:10: note: ‘header_key’ was declared here
 2302 |     Key *header_key;
      |          ^~~~~~~~~~

On Ubuntu 20.04 in a default Heimdal build with
gcc version 9.3.0 (Ubuntu 9.3.0-17ubuntu1~20.04)

The compiler doesn't trust that *header_key = tkey; is always
executed in tgs_parse_request() for ret == 0.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
---
 kdc/krb5tgs.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/kdc/krb5tgs.c b/kdc/krb5tgs.c
index a9e246c2a..57bf4364e 100644
--- a/kdc/krb5tgs.c
+++ b/kdc/krb5tgs.c
@@ -2297,7 +2297,7 @@ _kdc_tgs_rep(astgs_request_t r)
     krb5_error_code ret;
     int i = 0;
     const PA_DATA *tgs_req;
-    Key *header_key;
+    Key *header_key = NULL;
 
     hdb_entry_ex *krbtgt = NULL;
     krb5_ticket *ticket = NULL;