diff options
author | Isaac Boukris <iboukris@gmail.com> | 2017-03-04 21:23:32 +0200 |
---|---|---|
committer | Greg Hudson <ghudson@mit.edu> | 2017-07-17 15:22:15 -0400 |
commit | 6f62a483d54bbd54d6e0d87148cf565590cdc9e0 (patch) | |
tree | 2d599767ed3eb32c6e01f293e9a83ce74273ff5b | |
parent | 1a0f9d840a568ef8dc771f04e674aa34d94e329e (diff) | |
download | krb5-6f62a483d54bbd54d6e0d87148cf565590cdc9e0.zip krb5-6f62a483d54bbd54d6e0d87148cf565590cdc9e0.tar.gz krb5-6f62a483d54bbd54d6e0d87148cf565590cdc9e0.tar.bz2 |
Allow null outputs to gss_get_name_attribute()
In krb5_gss_get_name_attribute(), always ask for kvalue and
kdisplay_value when calling krb5_authdata_get_attribute(), as it
currently expect non-null arguments. This change allows applications
to pass GSS_C_NO_BUFFER for the value and display_value output
parameters. (Passing NULL for the authenticated and complete output
parameters already works.)
[ghudson@mit.edu: initialized kvalue and kdisplay_value for safety]
(cherry picked from commit 0cff20bd02c7e9b0bc88c425b58fa2d379da51b3)
ticket: 8557
version_fixed: 1.14.6
-rw-r--r-- | src/lib/gssapi/krb5/naming_exts.c | 19 |
1 files changed, 9 insertions, 10 deletions
diff --git a/src/lib/gssapi/krb5/naming_exts.c b/src/lib/gssapi/krb5/naming_exts.c index 6062a6d..0edb4b8 100644 --- a/src/lib/gssapi/krb5/naming_exts.c +++ b/src/lib/gssapi/krb5/naming_exts.c @@ -319,8 +319,8 @@ krb5_gss_get_name_attribute(OM_uint32 *minor_status, krb5_data kattr; krb5_boolean kauthenticated; krb5_boolean kcomplete; - krb5_data kvalue; - krb5_data kdisplay_value; + krb5_data kvalue = empty_data(); + krb5_data kdisplay_value = empty_data(); if (minor_status != NULL) *minor_status = 0; @@ -355,8 +355,8 @@ krb5_gss_get_name_attribute(OM_uint32 *minor_status, &kattr, &kauthenticated, &kcomplete, - value ? &kvalue : NULL, - display_value ? &kdisplay_value : NULL, + &kvalue, + &kdisplay_value, more); if (code == 0) { if (value != NULL) @@ -367,14 +367,13 @@ krb5_gss_get_name_attribute(OM_uint32 *minor_status, if (complete != NULL) *complete = kcomplete; - if (display_value != NULL) { - if (code == 0) - code = data_to_gss(&kdisplay_value, display_value); - else - free(kdisplay_value.data); - } + if (display_value != NULL && code == 0) + code = data_to_gss(&kdisplay_value, display_value); } + free(kdisplay_value.data); + free(kvalue.data); + k5_mutex_unlock(&kname->lock); krb5_free_context(context); |