* preauth.c (handle_sam_labels):

	(obtain_sam_padata): Check return of malloc. [krb5-libs/518]

	* chpw.c (krb5_mk_chpw_req): Check return of malloc.
	(krb5_rd_chpw_rep): Check return of malloc. [krb5-libs/518]

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@10346 dc483132-0cff-0310-8789-dd5450dbe970

1 files changed, 10 insertions, 0 deletions

diff --git a/src/lib/krb5/krb/preauth.c b/src/lib/krb5/krb/preauth.c
index 910069d1c..c106dd15a 100644
--- a/src/lib/krb5/krb/preauth.c
+++ b/src/lib/krb5/krb/preauth.c
@@ -478,6 +478,8 @@ char *handle_sam_labels(sc)
     p = prompt1 = malloc(label_len + strlen(sep1) +
 			 challenge_len + strlen(sep2) +
 			 prompt_len+ strlen(sep3) + 1);
+    if (p == NULL)
+	return NULL;
     if (challenge_len) {
 	strncpy(p, label, label_len); p += label_len;
 	strcpy(p, sep1); p += strlen(sep1);
@@ -540,7 +542,13 @@ obtain_sam_padata(context, in_padata, etype_info, def_enc_key,
       /* encrypt passcode in key by stuffing it here */
       int pcsize = 256;
       char *passcode = malloc(pcsize+1);
+      if (passcode == NULL)
+	return ENOMEM;
       prompt = handle_sam_labels(sam_challenge);
+      if (prompt == NULL) {
+	free(passcode);
+	return ENOMEM;
+      }
       retval = krb5_read_password(context, prompt, 0, passcode, &pcsize);
       free(prompt);
 
@@ -552,6 +560,8 @@ obtain_sam_padata(context, in_padata, etype_info, def_enc_key,
       enc_sam_response_enc.sam_passcode.length = pcsize;
     } else if (sam_challenge->sam_flags & KRB5_SAM_USE_SAD_AS_KEY) {
       prompt = handle_sam_labels(sam_challenge);
+      if (prompt == NULL)
+	return ENOMEM;
       retval = sam_get_pass_from_user(context, etype_info, key_proc, 
 				      key_seed, request, &sam_use_key,
 				      prompt);