summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorStephen Gallagher <sgallagh@redhat.com>2012-05-21 20:36:44 -0400
committerStephen Gallagher <sgallagh@redhat.com>2012-05-22 09:11:13 -0400
commita3dd0afecaf1c197ac06e1da5cf59ad985c7abe9 (patch)
tree25e2b80fd938ce8a8702d6b63f7bbef59fff0ece
parent29418db014ba58093fe4b538ac569c35e5302af3 (diff)
downloadsssd-a3dd0afecaf1c197ac06e1da5cf59ad985c7abe9.tar.gz
sssd-a3dd0afecaf1c197ac06e1da5cf59ad985c7abe9.tar.xz
sssd-a3dd0afecaf1c197ac06e1da5cf59ad985c7abe9.zip
KRB5: Avoid NULL-dereference with empty keytab
https://fedorahosted.org/sssd/ticket/1330
-rw-r--r--src/util/sss_krb5.c20
1 files changed, 13 insertions, 7 deletions
diff --git a/src/util/sss_krb5.c b/src/util/sss_krb5.c
index 988531995..81a1623ef 100644
--- a/src/util/sss_krb5.c
+++ b/src/util/sss_krb5.c
@@ -1104,14 +1104,20 @@ sss_krb5_read_etypes_for_keytab(TALLOC_CTX *mem_ctx,
}
if (ret == 0) {
- /* Sort the preferred enctypes first */
- qsort(etypes, count, sizeof(*etypes), compare_etypes);
- etypes = talloc_realloc(tmp_ctx, etypes, krb5_enctype, count);
- if (etypes == NULL) {
- ret = ENOMEM;
+ if (etypes) {
+ /* Sort the preferred enctypes first */
+ qsort(etypes, count, sizeof(*etypes), compare_etypes);
+ etypes = talloc_realloc(tmp_ctx, etypes, krb5_enctype, count);
+ if (etypes == NULL) {
+ ret = ENOMEM;
+ } else {
+ *etype_list = talloc_steal(mem_ctx, etypes);
+ *n_etype_list = count;
+ }
} else {
- *etype_list = talloc_steal(mem_ctx, etypes);
- *n_etype_list = count;
+ /* The key table was empty. There are no enctypes to match */
+ *etype_list = NULL;
+ *n_etype_list = 0;
}
}