From f79326e9605f5080e63e96bc20fc184a7d7ca381 Mon Sep 17 00:00:00 2001
From: Samuel Cabrero
Date: Fri, 18 Jul 2014 15:13:19 +0200
Subject: [PATCH] Check _kdc_db_fetch return value before dereference entry pointer
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

This fixes a segfault if the _kdc_db_fetch function does not find the entry in the database (the entry pointer will be NULL if entry is not found).

Signed-off-by: Samuel Cabrero
Signed-off-by: Love Hörnquist Åstrand
---
 kdc/krb5tgs.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/kdc/krb5tgs.c b/kdc/krb5tgs.c
index 369292b75..baa03309f 100644
--- a/kdc/krb5tgs.c
+++ b/kdc/krb5tgs.c
@@ -1211,7 +1211,6 @@ tgs_parse_request(krb5_context context,
 krbtgt_kvno = ap_req.ticket.enc_part.kvno ? *ap_req.ticket.enc_part.kvno : 0;
 ret = _kdc_db_fetch(context, config, princ, HDB_F_GET_KRBTGT, &krbtgt_kvno, NULL, krbtgt);
- krbtgt_kvno_try = krbtgt_kvno ? krbtgt_kvno : (*krbtgt)->entry.kvno;
 if (ret == HDB_ERR_NOT_FOUND_HERE) {
 /* XXX Factor out this unparsing of the same princ all over */
@@ -1269,6 +1268,7 @@ tgs_parse_request(krb5_context context,
 goto out;
 }
+ krbtgt_kvno_try = krbtgt_kvno ? krbtgt_kvno : (*krbtgt)->entry.kvno;
 *krbtgt_etype = ap_req.ticket.enc_part.etype;
 next_kvno:
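Review bot: The relocated `krbtgt_kvno_try` assignment (the `+` line of the second hunk) still dereferences `*krbtgt` with no local guard, so it is only safe while every non-zero `ret` branch between the `_kdc_db_fetch` call and this line ends in `goto out`; only the tail of that chain (`goto out; }`) is visible in the hunk. That invariant should be pinned with a comment directly above the assignment, e.g. `/* ret == 0 here, so _kdc_db_fetch() has filled in *krbtgt; keep this below the error checks */`. The lookup appears to be keyed on values taken from the request's ticket (`ap_req.ticket...`), so the old ordering presumably let a request for an entry missing from the database crash the KDC. A regression test covering the not-found return paths would keep the ordering from slipping back. The body of tgs_parse_request starts and ends outside both hunks.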