[37144] in Kerberos
Re: Bug in pkinit_clnt.c?
daemon@ATHENA.MIT.EDU (Greg Hudson)
Fri Jul 3 23:05:34 2015
Message-ID: <55974D6D.1000308@mit.edu>
Date: Fri, 03 Jul 2015 23:05:17 -0400
From: Greg Hudson <ghudson@mit.edu>
MIME-Version: 1.0
To: =?UTF-8?B?RGFuaWVsIERlcHR1xYJh?= <daniel.deptula@gmail.com>,
kerberos@mit.edu
In-Reply-To: <5596BB9E.2060409@gmail.com>
Content-Type: text/plain; charset="utf-8"
Errors-To: kerberos-bounces@mit.edu
Content-Transfer-Encoding: 8bit
On 07/03/2015 12:43 PM, Daniel DeptuĆa wrote:
> - for (princptr = princs; *princptr != NULL; princptr++)
> - TRACE_PKINIT_CLIENT_SAN_KDCCERT_PRINC(context, *princptr);
> + if (princs != NULL) {
> + for (princptr = princs; *princptr != NULL; princptr++)
> + TRACE_PKINIT_CLIENT_SAN_KDCCERT_PRINC(context, *princptr);
> + }
This is correct in spirit; other parts of the function allow for princs
to be NULL, and there are rare cases where the OpenSSL implementation
will return 0 with princs set to NULL. I filed in a pull request for a
similar fix. Thanks for the report.
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos