]> git.michaelhowe.org Git - packages/o/openafs.git/commitdiff
projects / packages / o / openafs.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 0de4f7c)
Windows: netidmgr krb5_cc_get_principal can fail
authorJeffrey Altman <jaltman@your-file-system.com>
Mon, 14 Nov 2011 15:23:53 +0000 (10:23 -0500)
committerJeffrey Altman <jaltman@secure-endpoints.com>
Mon, 14 Nov 2011 20:51:38 +0000 (12:51 -0800)
Do not dereference a NULL pointer if krb5_cc_get_principal fails.

On master this bug is fixed by e55d1774b1b5b27a3617467b5e2a24ee2be3a38c
but that change is after the conversion to the Kerberos Compatibility
SDK and cannot be applied to openafs-stable-1_6_x.

Change-Id: I646011dd3171fd1aa6f40f349329f8261546b809
Reviewed-on: http://gerrit.openafs.org/6019
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>
src/WINNT/netidmgr_plugin/afsfuncs.c patch | blob | history

diff --git a/src/WINNT/netidmgr_plugin/afsfuncs.c b/src/WINNT/netidmgr_plugin/afsfuncs.c
index 6a779294ae2859f8b2a2070cedfe280d204e6abe..477e0f68dc5db6978c1c240c29d0d923b2387930 100644 (file)
--- a/src/WINNT/netidmgr_plugin/afsfuncs.c
+++ b/src/WINNT/netidmgr_plugin/afsfuncs.c
@@ -849,13 +849,18 @@ afs_klog(khm_handle identity,
 
             memset(&increds, 0, sizeof(increds));
 
-            pkrb5_cc_get_principal(context, k5cc, &client_principal);
-            i = krb5_princ_realm(context, client_principal)->length;
-            if (i > MAXKTCREALMLEN-1)
-                i = MAXKTCREALMLEN-1;
-            StringCchCopyNA(realm_of_user, ARRAYLENGTH(realm_of_user),
-                            krb5_princ_realm(context, client_principal)->data,
-                            i);
+            r = pkrb5_cc_get_principal(context, k5cc, &client_principal);
+            if (!r) {
+                i = krb5_princ_realm(context, client_principal)->length;
+                if (i > MAXKTCREALMLEN-1)
+                    i = MAXKTCREALMLEN-1;
+                StringCchCopyNA(realm_of_user, ARRAYLENGTH(realm_of_user),
+                                krb5_princ_realm(context, client_principal)->data,
+                                i);
+            } else {
+                _reportf(L"krb5_cc_get_principal returns code %d", r);
+                goto try_krb4;
+            }
         } else {
             _reportf(L"khm_krb5_initialize returns code %d", r);
             goto try_krb4;