[981] in Kerberos-V5-bugs
lib/krb5/krb/rd_req_dec.c NULL pointer problem
daemon@ATHENA.MIT.EDU (epeisach@MIT.EDU)
Wed Dec 7 12:16:25 1994
From: epeisach@MIT.EDU
Date: Wed, 7 Dec 1994 12:16:13 -0500
To: krb5-bugs@MIT.EDU
lib/krb5/krb/rd_req_dec.c has NULL pointer problem. Looking at
decode_krb5_authenticator, the subkey is optional. This causes a deref
problem...
The fix is to test if the subkey is set before setting the encryption
type...
(this is already correct in rd_req.c)
Ezra
===================================================================
RCS file: /mit/krb5/.cvsroot/src/lib/krb5/krb/rd_req_dec.c,v
retrieving revision 5.40
diff -c -r5.40 rd_req_dec.c
*** 5.40 1994/11/11 05:33:17
--- rd_req_dec.c 1994/12/07 16:58:01
***************
*** 336,342 ****
/* now decode the decrypted stuff */
if (!(retval = decode_krb5_authenticator(&scratch, &local_auth))) {
*authpp = local_auth;
! local_auth->subkey->etype = request->authenticator.etype;
}
clean_scratch();
return retval;
--- 336,343 ----
/* now decode the decrypted stuff */
if (!(retval = decode_krb5_authenticator(&scratch, &local_auth))) {
*authpp = local_auth;
! if(local_auth->subkey)
! local_auth->subkey->etype = request->authenticator.etype;
}
clean_scratch();
return retval;
