Prevent null dereference with keyboard master key 679/head
authorGreg Hudson <ghudson@mit.edu>
Tue, 18 Jul 2017 16:29:12 +0000 (12:29 -0400)
committerGreg Hudson <ghudson@mit.edu>
Mon, 24 Jul 2017 14:53:19 +0000 (10:53 -0400)
If krb5_db_fetch_mkey() prompts for a master key and needs to
determine the kvno, check that the master entry contains any key data
before dereferencing the first element.  Reported by Joshua Schaeffer.

ticket: 8600 (new)
target_version: 1.15-next
target_version: 1.14-next
tags: pullup

src/lib/kdb/kdb5.c

index ad637b6d43674bdca3c4fe42cf9ccf7f328ec945..da5332217fef56ee2d6762531207620a87d8f5ae 100644 (file)
@@ -1215,11 +1215,12 @@ krb5_db_fetch_mkey(krb5_context context, krb5_principal mname,
             krb5_db_entry *master_entry;
 
             rc = krb5_db_get_principal(context, mname, 0, &master_entry);
-            if (rc == 0) {
+            if (rc == 0 && master_entry->n_key_data > 0)
                 *kvno = (krb5_kvno) master_entry->key_data->key_data_kvno;
-                krb5_db_free_principal(context, master_entry);
-            } else
+            else
                 *kvno = 1;
+            if (rc == 0)
+                krb5_db_free_principal(context, master_entry);
         }
 
         if (!salt)
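Review bot: The `else` branch now silently assigns `*kvno = 1` for two different conditions, a failed krb5_db_get_principal() (any non-zero `rc`, not only "not found") and a master entry that has no key data, and nothing in the hunk says why that default is acceptable. A short comment above the `else` would document this, for example `/* No master entry or no key data: fall back to kvno 1. */`. The new guard also trusts `n_key_data` to be consistent with the `key_data` pointer; whether a KDB module can return a positive count with a null array is not visible here, but if it can, `rc == 0 && master_entry->n_key_data > 0 && master_entry->key_data != NULL` is a cheap way to close the same dereference. The body of krb5_db_fetch_mkey starts and ends outside this hunk.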