diff options
| author | Greg Hudson <ghudson@mit.edu> | 2012-08-15 15:12:12 -0400 |
|---|---|---|
| committer | Greg Hudson <ghudson@mit.edu> | 2012-08-15 15:33:50 -0400 |
| commit | b52d0c793c82e9c74f03b1d2a5d251a1adc4626f (patch) | |
| tree | eadf370abe9fca776a00c26fac646fa87ced9ae7 /src/lib/kadm5 | |
| parent | 4f6f91bf2a50feaf55ecf23069d2eaf881b8515c (diff) | |
| download | krb5-b52d0c793c82e9c74f03b1d2a5d251a1adc4626f.tar.gz krb5-b52d0c793c82e9c74f03b1d2a5d251a1adc4626f.tar.xz krb5-b52d0c793c82e9c74f03b1d2a5d251a1adc4626f.zip | |
Fix apply_keysalt_policy bug
If apply_keysalt_policy is called with null result arguments (as from
kadm5_setkey_principal_3), we would dereference a null pointer if the
principal has no policy or no policy allowed_keysalts field, due to an
incorrect optimization. Reported by Nico.
ticket: 7223
Diffstat (limited to 'src/lib/kadm5')
| -rw-r--r-- | src/lib/kadm5/srv/svr_principal.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/src/lib/kadm5/srv/svr_principal.c b/src/lib/kadm5/srv/svr_principal.c index f405f55ca..5d858279d 100644 --- a/src/lib/kadm5/srv/svr_principal.c +++ b/src/lib/kadm5/srv/svr_principal.c @@ -224,7 +224,7 @@ apply_keysalt_policy(kadm5_server_handle_t handle, const char *policy, goto cleanup; } - if (polent.allowed_keysalts == NULL && new_n_kstp != NULL) { + if (polent.allowed_keysalts == NULL) { /* Requested keysalts allowed or default to supported_enctypes. */ if (n_ks_tuple == 0) { /* Default to supported_enctypes. */ |