From a3dd0afecaf1c197ac06e1da5cf59ad985c7abe9 Mon Sep 17 00:00:00 2001
From: Stephen Gallagher <sgallagh@redhat.com>
Date: Mon, 21 May 2012 20:36:44 -0400
Subject: KRB5: Avoid NULL-dereference with empty keytab

https://fedorahosted.org/sssd/ticket/1330
---
 src/util/sss_krb5.c | 20 +++++++++++++-------
 1 file changed, 13 insertions(+), 7 deletions(-)

(limited to 'src/util')

diff --git a/src/util/sss_krb5.c b/src/util/sss_krb5.c
index 988531995..81a1623ef 100644
--- a/src/util/sss_krb5.c
+++ b/src/util/sss_krb5.c
@@ -1104,14 +1104,20 @@ sss_krb5_read_etypes_for_keytab(TALLOC_CTX *mem_ctx,
     }
 
     if (ret == 0) {
-        /* Sort the preferred enctypes first */
-        qsort(etypes, count, sizeof(*etypes), compare_etypes);
-        etypes = talloc_realloc(tmp_ctx, etypes, krb5_enctype, count);
-        if (etypes == NULL) {
-            ret = ENOMEM;
+        if (etypes) {
+            /* Sort the preferred enctypes first */
+            qsort(etypes, count, sizeof(*etypes), compare_etypes);
+            etypes = talloc_realloc(tmp_ctx, etypes, krb5_enctype, count);
+            if (etypes == NULL) {
+                ret = ENOMEM;
+            } else {
+                *etype_list = talloc_steal(mem_ctx, etypes);
+                *n_etype_list = count;
+            }
         } else {
-            *etype_list = talloc_steal(mem_ctx, etypes);
-            *n_etype_list = count;
+            /* The key table was empty. There are no enctypes to match */
+            *etype_list = NULL;
+            *n_etype_list = 0;
         }
     }
 
-- 
cgit