diff options
author | Isaac Boukris <iboukris@gmail.com> | 2017-03-04 21:23:32 +0200 |
---|---|---|
committer | Greg Hudson <ghudson@mit.edu> | 2017-07-17 15:23:39 -0400 |
commit | d17107b322f4c6a93ccfa94e00c6af6ef81bb9bd (patch) | |
tree | 504a31ef56eb51d7f16f5d0f06a6f9c1f0115cfa | |
parent | 555979614b25235acb82980e622c9c635b59b07c (diff) | |
download | krb5-d17107b322f4c6a93ccfa94e00c6af6ef81bb9bd.zip krb5-d17107b322f4c6a93ccfa94e00c6af6ef81bb9bd.tar.gz krb5-d17107b322f4c6a93ccfa94e00c6af6ef81bb9bd.tar.bz2 |
Allow null outputs to gss_get_name_attribute()
In krb5_gss_get_name_attribute(), always ask for kvalue and
kdisplay_value when calling krb5_authdata_get_attribute(), as it
currently expect non-null arguments. This change allows applications
to pass GSS_C_NO_BUFFER for the value and display_value output
parameters. (Passing NULL for the authenticated and complete output
parameters already works.)
[ghudson@mit.edu: initialized kvalue and kdisplay_value for safety]
(cherry picked from commit 0cff20bd02c7e9b0bc88c425b58fa2d379da51b3)
ticket: 8557
version_fixed: 1.15.2
-rw-r--r-- | src/lib/gssapi/krb5/naming_exts.c | 19 |
1 files changed, 9 insertions, 10 deletions
diff --git a/src/lib/gssapi/krb5/naming_exts.c b/src/lib/gssapi/krb5/naming_exts.c index 6062a6d..0edb4b8 100644 --- a/src/lib/gssapi/krb5/naming_exts.c +++ b/src/lib/gssapi/krb5/naming_exts.c @@ -319,8 +319,8 @@ krb5_gss_get_name_attribute(OM_uint32 *minor_status, krb5_data kattr; krb5_boolean kauthenticated; krb5_boolean kcomplete; - krb5_data kvalue; - krb5_data kdisplay_value; + krb5_data kvalue = empty_data(); + krb5_data kdisplay_value = empty_data(); if (minor_status != NULL) *minor_status = 0; @@ -355,8 +355,8 @@ krb5_gss_get_name_attribute(OM_uint32 *minor_status, &kattr, &kauthenticated, &kcomplete, - value ? &kvalue : NULL, - display_value ? &kdisplay_value : NULL, + &kvalue, + &kdisplay_value, more); if (code == 0) { if (value != NULL) @@ -367,14 +367,13 @@ krb5_gss_get_name_attribute(OM_uint32 *minor_status, if (complete != NULL) *complete = kcomplete; - if (display_value != NULL) { - if (code == 0) - code = data_to_gss(&kdisplay_value, display_value); - else - free(kdisplay_value.data); - } + if (display_value != NULL && code == 0) + code = data_to_gss(&kdisplay_value, display_value); } + free(kdisplay_value.data); + free(kvalue.data); + k5_mutex_unlock(&kname->lock); krb5_free_context(context); |