]> git.ipfire.org Git - thirdparty/krb5.git/commitdiff
projects / thirdparty / krb5.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 4f6f91b)
Fix apply_keysalt_policy bug
authorGreg Hudson <ghudson@mit.edu>
Wed, 15 Aug 2012 19:12:12 +0000 (15:12 -0400)
committerGreg Hudson <ghudson@mit.edu>
Wed, 15 Aug 2012 19:33:50 +0000 (15:33 -0400)
If apply_keysalt_policy is called with null result arguments (as from
kadm5_setkey_principal_3), we would dereference a null pointer if the
principal has no policy or no policy allowed_keysalts field, due to an
incorrect optimization.  Reported by Nico.

ticket: 7223

src/lib/kadm5/srv/svr_principal.c patch | blob | blame | history

diff --git a/src/lib/kadm5/srv/svr_principal.c b/src/lib/kadm5/srv/svr_principal.c
index f405f55ca949911880e8c4bd9f088bc591a5625c..5d858279d30ee96d61aedc2ac688cbfadc0d5180 100644 (file)
--- a/src/lib/kadm5/srv/svr_principal.c
+++ b/src/lib/kadm5/srv/svr_principal.c
@@ -224,7 +224,7 @@ apply_keysalt_policy(kadm5_server_handle_t handle, const char *policy,
             goto cleanup;
     }
 
-    if (polent.allowed_keysalts == NULL && new_n_kstp != NULL) {
+    if (polent.allowed_keysalts == NULL) {
         /* Requested keysalts allowed or default to supported_enctypes. */
         if (n_ks_tuple == 0) {
             /* Default to supported_enctypes. */
Mirror of https://github.com/krb5/krb5.git