diff options
author | Matt Rogers <mrogers@redhat.com> | 2016-04-15 17:27:36 -0400 |
---|---|---|
committer | Tom Yu <tlyu@mit.edu> | 2016-07-05 17:52:42 -0400 |
commit | d70597bc1cdd8bd22299b61ac17b9d684c626b8f (patch) | |
tree | 6df44386a0eb024c3f5b8e7c3011a0ef89eb7e6a | |
parent | cee6ae74ef677970483abfe22d28377a9a4df66d (diff) | |
download | krb5-d70597bc1cdd8bd22299b61ac17b9d684c626b8f.zip krb5-d70597bc1cdd8bd22299b61ac17b9d684c626b8f.tar.gz krb5-d70597bc1cdd8bd22299b61ac17b9d684c626b8f.tar.bz2 |
Fix krb5_def_fetch_mkey_list() segfault
Return KRB5_KDB_NOMASTERKEY if K/M contains no key data, instead of
blindly dereferencing the first key data element.
(cherry picked from commit 83494605b2dd594ab33f9b3cfa5abc82cf0f9e92)
ticket: 8395
version_fixed: 1.13.6
-rw-r--r-- | src/lib/kdb/kdb_default.c | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/src/lib/kdb/kdb_default.c b/src/lib/kdb/kdb_default.c index 31b3e69..9301f1d 100644 --- a/src/lib/kdb/kdb_default.c +++ b/src/lib/kdb/kdb_default.c @@ -449,6 +449,11 @@ krb5_def_fetch_mkey_list(krb5_context context, if (retval) return (retval); + if (master_entry->n_key_data == 0) { + retval = KRB5_KDB_NOMASTERKEY; + goto clean_n_exit; + } + /* * Check if the input mkey is the latest key and if it isn't then find the * latest mkey. |