[28798] in CVS-changelog-for-Kerberos-V5
krb5 commit [krb5-1.11]: Check for null *iter_p in profile_iterator()
daemon@ATHENA.MIT.EDU (Tom Yu)
Fri Feb 13 14:17:16 2015
Date: Fri, 13 Feb 2015 14:15:37 -0500
From: Tom Yu <tlyu@mit.edu>
Message-Id: <201502131915.t1DJFbYx013696@drugstore.mit.edu>
To: cvs-krb5@mit.edu
Reply-To: krbdev@mit.edu
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: cvs-krb5-bounces@mit.edu
https://github.com/krb5/krb5/commit/0f7a035f6a2eb0d0d71c24f85c5a7cc8497f8b69
commit 0f7a035f6a2eb0d0d71c24f85c5a7cc8497f8b69
Author: Greg Hudson <ghudson@mit.edu>
Date: Wed Jan 14 13:10:39 2015 -0500
Check for null *iter_p in profile_iterator()
In profile_iterator(), return PROF_MAGIC_ITERATOR if *iter_p is NULL,
instead of dereferencing a null pointer, as we did prior to 1.10.
Correct calling code will not trigger this case, but incorrect code
has been reported in the field.
(cherry picked from commit 9a343200d305e7c8df6e556d63afaee42194175f)
ticket: 8141 (new)
version_fixed: 1.11.6
status: resolved
src/util/profile/prof_get.c | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/src/util/profile/prof_get.c b/src/util/profile/prof_get.c
index 3eba787..16a1762 100644
--- a/src/util/profile/prof_get.c
+++ b/src/util/profile/prof_get.c
@@ -579,7 +579,7 @@ profile_iterator(void **iter_p, char **ret_name, char **ret_value)
*ret_name = NULL;
if (ret_value)
*ret_value = NULL;
- if (iter->magic != PROF_MAGIC_ITERATOR)
+ if (iter == NULL || iter->magic != PROF_MAGIC_ITERATOR)
return PROF_MAGIC_ITERATOR;
profile = iter->profile;
_______________________________________________
cvs-krb5 mailing list
cvs-krb5@mit.edu
https://mailman.mit.edu/mailman/listinfo/cvs-krb5
