Fix KDC null deref on bad encrypted challenge

The function ec_verify() in src/kdc/kdc_preauth_ec.c contains a check
to avoid further processing if the armor key is NULL.  However, this
check is bypassed by a call to k5memdup0() which overwrites retval
with 0 if the allocation succeeds.  If the armor key is NULL, a call
to krb5_c_fx_cf2_simple() will then dereference it, resulting in a
crash.  Add a check before the k5memdup0() call to avoid overwriting
retval.

CVE-2021-36222:

In MIT krb5 releases 1.16 and later, an unauthenticated attacker can
cause a null dereference in the KDC by sending a request containing a
PA-ENCRYPTED-CHALLENGE padata element without using FAST.

[ghudson@mit.edu: trimmed patch; added test case; edited commit
message]

ticket: 9007 (new)
tags: pullup
target_version: 1.19-next
target_version: 1.18-next

1 files changed, 1 insertions, 0 deletions

diff --git a/src/tests/Makefile.in b/src/tests/Makefile.in
index fc6fcc0..1a19383 100644
--- a/src/tests/Makefile.in
+++ b/src/tests/Makefile.in
@@ -166,6 +166,7 @@ check-pytests: unlockiter s4u2self
 	$(RUNPYTEST) $(srcdir)/t_cve-2012-1015.py $(PYTESTFLAGS)
 	$(RUNPYTEST) $(srcdir)/t_cve-2013-1416.py $(PYTESTFLAGS)
 	$(RUNPYTEST) $(srcdir)/t_cve-2013-1417.py $(PYTESTFLAGS)
+	$(RUNPYTEST) $(srcdir)/t_cve-2021-36222.py $(PYTESTFLAGS)
 	$(RM) au.log
 	$(RUNPYTEST) $(srcdir)/t_audit.py $(PYTESTFLAGS)
 	$(RUNPYTEST) $(srcdir)/jsonwalker.py -d $(srcdir)/au_dict.json \