Check strdup return in kadm5_get_config_params()

When copying the realm string, if strdup() returns NULL, fail out with
ENOMEM instead of pretending the realm wasn't specified.  When copying
KRB5_DEFAULT_SUPPORTED_ENCTYPES, if strdup() returns NULL, fail out
with ENOMEM instead of crashing.  Reported by Bean Zhang.

ticket: 8727
tags: pullup
target_version: 1.16-next
target_version: 1.15-next

diff --git a/src/lib/kadm5/alt_prof.c b/src/lib/kadm5/alt_prof.c
index ec6290ecc009846cdbab4529e2fb9134e76f3e2d..e2d8f7789c744a25fa7209f7eb79f44d8959e025 100644 (file)
--- a/src/lib/kadm5/alt_prof.c
+++ b/src/lib/kadm5/alt_prof.c
@@ -526,8 +526,11 @@ krb5_error_code kadm5_get_config_params(krb5_context context,
 
     if (params_in->mask & KADM5_CONFIG_REALM) {
         lrealm = params.realm = strdup(params_in->realm);
-        if (params.realm != NULL)
-            params.mask |= KADM5_CONFIG_REALM;
+        if (params.realm == NULL) {
+            ret = ENOMEM;
+            goto cleanup;
+        }
+        params.mask |= KADM5_CONFIG_REALM;
     } else {
         ret = krb5_get_default_realm(context, &lrealm);
         if (ret)
@@ -730,6 +733,10 @@ krb5_error_code kadm5_get_config_params(krb5_context context,
             krb5_aprof_get_string(aprofile, hierarchy, TRUE, &svalue);
         if (svalue == NULL)
             svalue = strdup(KRB5_DEFAULT_SUPPORTED_ENCTYPES);
+        if (svalue == NULL) {
+            ret = ENOMEM;
+            goto cleanup;
+        }
 
         params.keysalts = NULL;
         params.num_keysalts = 0;