From 5345695a87d0d48c58a2b65d1391be0256a19baf Mon Sep 17 00:00:00 2001 From: Jeffrey Altman Date: Mon, 14 Nov 2011 10:23:53 -0500 Subject: [PATCH] Windows: netidmgr krb5_cc_get_principal can fail Do not dereference a NULL pointer if krb5_cc_get_principal fails. On master this bug is fixed by e55d1774b1b5b27a3617467b5e2a24ee2be3a38c but that change is after the conversion to the Kerberos Compatibility SDK and cannot be applied to openafs-stable-1_6_x. Change-Id: I646011dd3171fd1aa6f40f349329f8261546b809 Reviewed-on: http://gerrit.openafs.org/6019 Tested-by: BuildBot Reviewed-by: Jeffrey Altman Tested-by: Jeffrey Altman --- src/WINNT/netidmgr_plugin/afsfuncs.c | 19 ++++++++++++------- 1 file changed, 12 insertions(+), 7 deletions(-) diff --git a/src/WINNT/netidmgr_plugin/afsfuncs.c b/src/WINNT/netidmgr_plugin/afsfuncs.c index 6a779294a..477e0f68d 100644 --- a/src/WINNT/netidmgr_plugin/afsfuncs.c +++ b/src/WINNT/netidmgr_plugin/afsfuncs.c @@ -849,13 +849,18 @@ afs_klog(khm_handle identity, memset(&increds, 0, sizeof(increds)); - pkrb5_cc_get_principal(context, k5cc, &client_principal); - i = krb5_princ_realm(context, client_principal)->length; - if (i > MAXKTCREALMLEN-1) - i = MAXKTCREALMLEN-1; - StringCchCopyNA(realm_of_user, ARRAYLENGTH(realm_of_user), - krb5_princ_realm(context, client_principal)->data, - i); + r = pkrb5_cc_get_principal(context, k5cc, &client_principal); + if (!r) { + i = krb5_princ_realm(context, client_principal)->length; + if (i > MAXKTCREALMLEN-1) + i = MAXKTCREALMLEN-1; + StringCchCopyNA(realm_of_user, ARRAYLENGTH(realm_of_user), + krb5_princ_realm(context, client_principal)->data, + i); + } else { + _reportf(L"krb5_cc_get_principal returns code %d", r); + goto try_krb4; + } } else { _reportf(L"khm_krb5_initialize returns code %d", r); goto try_krb4; -- 2.39.5