From: Greg Hudson <ghudson@mit.edu>
Date: Tue, 16 Apr 2019 14:47:35 +0000 (-0400)
Subject: Fix config realm change logic in FILE remove_cred
X-Git-Tag: krb5-1.18-beta1~158
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=refs%2Fpull%2F915%2Fhead;p=thirdparty%2Fkrb5.git

Fix config realm change logic in FILE remove_cred

Use data_eq_string() to check the server realm, and do not check if
cred->server is NULL since it is not expected to be (and
k5_marshal_cred() would have already crashed if it were).

ticket: 8792
---

diff --git a/src/lib/krb5/ccache/cc_file.c b/src/lib/krb5/ccache/cc_file.c
index 91a77bf8d0..f0f1409f35 100644
--- a/src/lib/krb5/ccache/cc_file.c
+++ b/src/lib/krb5/ccache/cc_file.c
@@ -1058,8 +1058,7 @@ delete_cred(krb5_context context, krb5_ccache cache, krb5_cc_cursor *cursor,
 
     /* For config entries, also change the realm so that other implementations
      * won't match them. */
-    if (cred->server != NULL && cred->server->realm.length > 0 &&
-        strcmp(cred->server->realm.data, "X-CACHECONF:") == 0)
+    if (data_eq_string(cred->server->realm, "X-CACHECONF:"))
         memcpy(cred->server->realm.data, "X-RMED-CONF:", 12);
 
     k5_marshal_cred(&overwrite, fcursor->version, cred);