From 93de356ec21857dc9e7070ee62997fa8ec3f82c3 Mon Sep 17 00:00:00 2001 From: Greg Hudson Date: Fri, 10 Aug 2018 11:58:11 -0400 Subject: [PATCH] Check public_oid in gss_export_cred() In gss_export_cred(), check the gssint_get_public_oid() result as well as the gssint_get_mechanism() result. There are probably no cases where the former returns NULL and the latter does not, but it is easy to be more obviously correct. Reported by Bean Zhang. --- src/lib/gssapi/mechglue/g_export_cred.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/lib/gssapi/mechglue/g_export_cred.c b/src/lib/gssapi/mechglue/g_export_cred.c index 8f5fe4ad5a..0c273bf14e 100644 --- a/src/lib/gssapi/mechglue/g_export_cred.c +++ b/src/lib/gssapi/mechglue/g_export_cred.c @@ -81,7 +81,7 @@ gss_export_cred(OM_uint32 * minor_status, gss_cred_id_t cred_handle, mech_oid = &cred->mechs_array[i]; public_oid = gssint_get_public_oid(mech_oid); mech = gssint_get_mechanism(mech_oid); - if (mech == NULL) { + if (public_oid == GSS_C_NO_OID || mech == NULL) { status = GSS_S_DEFECTIVE_CREDENTIAL; goto error; } -- 2.47.2