krb5 commit [krb5-1.11]: Fix unlikely null dereference in mk_cred()

[Tom Yu]

https://github.com/krb5/krb5/commit/cb819b0dfcaecb7989c4a0cfe7d9da039545576b
commit cb819b0dfcaecb7989c4a0cfe7d9da039545576b
Author: Nalin Dahyabhai <nalin at redhat.com>
Date:   Wed Jun 25 12:56:42 2014 -0400

    Fix unlikely null dereference in mk_cred()
    
    If krb5_encrypt_keyhelper() returns an error, the ciphertext structure
    may contain a non-zero length, but it will already have freed the
    pointer to its data, making encrypt_credencpart()'s subsequent attempt
    to clear and free the memory fail.  Remove that logic.
    
    Based on a patch from Jatin Nansi.
    
    (cherry picked from commit 476284de8dc9a52b5544445cb1b316a417ae88f0)
    
    ticket: 8107 (new)
    version_fixed: 1.11.6
    status: resolved

 src/lib/krb5/krb/mk_cred.c |    7 -------
 1 files changed, 0 insertions(+), 7 deletions(-)

diff --git a/src/lib/krb5/krb/mk_cred.c b/src/lib/krb5/krb/mk_cred.c
index 566d138..0a58c9d 100644
--- a/src/lib/krb5/krb/mk_cred.c
+++ b/src/lib/krb5/krb/mk_cred.c
@@ -48,13 +48,6 @@ encrypt_credencpart(krb5_context context, krb5_cred_enc_part *pcredpart,
                                     KRB5_KEYUSAGE_KRB_CRED_ENCPART,
                                     scratch, pencdata);
 
-    if (retval) {
-        memset(pencdata->ciphertext.data, 0, pencdata->ciphertext.length);
-        free(pencdata->ciphertext.data);
-        pencdata->ciphertext.length = 0;
-        pencdata->ciphertext.data = 0;
-    }
-
     memset(scratch->data, 0, scratch->length);
     krb5_free_data(context, scratch);