krb5_get_cred_from_kdc fails to null terminate the tgt list

	if the next tgt in a cross-realm traversal cannot be
	obtained find_nxt_kdc() was calling krb5_free_creds()
	on the last tgt in the list but was failing to nullify
	the pointer to the cred that was just freed.

	if there were no additional tgts obtained, 
	krb5_get_cred_from_kdc() would return a non-NULL terminated
	cred list to the caller.  This would result in a crash 
	when attempting to manipulate the non-existent cred past
	the end of the list.

	This commit nullifies the credential pointer in 
	find_nxt_kdc() after the call to krb5_free_creds()
	

ticket: new
tags: pullup

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19195 dc483132-0cff-0310-8789-dd5450dbe970

0 files changed, 0 insertions, 0 deletions