Fix handling of invalid CAMMAC service verifier

author Jeffrey Arbuckle <jeffa.lans@gmail.com>

Sun, 22 Dec 2019 03:59:20 +0000 (22:59 -0500)

committer Greg Hudson <ghudson@mit.edu>

Sat, 25 Jan 2020 04:07:10 +0000 (23:07 -0500)
author Jeffrey Arbuckle <jeffa.lans@gmail.com>
Sun, 22 Dec 2019 03:59:20 +0000 (22:59 -0500)
committer Greg Hudson <ghudson@mit.edu>
Sat, 25 Jan 2020 04:07:10 +0000 (23:07 -0500)
diff --git a/src/lib/krb5/krb/authdata.c b/src/lib/krb5/krb/authdata.c

index 7fbcfab686ce7d5cd82f26e60cd1fdb94802e218..12ac92dff757110695e145890cb9ac10d262e027 100644 (file)
--- a/src/lib/krb5/krb/authdata.c
+++ b/src/lib/krb5/krb/authdata.c
@@ -557,6 +557,8 @@ extract_cammacs(krb5_context kcontext, krb5_authdata **cammacs,
          if (ret && ret != KRB5KRB_AP_ERR_BAD_INTEGRITY)
              goto cleanup;
          ret = 0;
+        if (elements == NULL)
+            continue;
  
          /* Add the verified elements to list and free the container array. */
          for (n_elements = 0; elements[n_elements] != NULL; n_elements++);
author	Jeffrey Arbuckle <jeffa.lans@gmail.com>
	Sun, 22 Dec 2019 03:59:20 +0000 (22:59 -0500)
committer	Greg Hudson <ghudson@mit.edu>
	Sat, 25 Jan 2020 04:07:10 +0000 (23:07 -0500)