[krbdev.mit.edu #1527] krb5_rd_safe_basic() throws exception when sender_addr is NULL
via RT
rt-comment at krbdev.mit.edu
Sun May 25 23:44:19 EDT 2003
When 'sender_addr' is NULL, krb5_rd_safe_basic() calls
krb5_address_compare() which throws a NULL pointer exception.
krb5_address_compare() checks to ensure that message->r_address and
recv_addr are not NULL before calling krb5_address_compare() but does
not check the state of sender_addr and message->s_address.
'sender_addr' will be NULL if krb5_rd_safe() is called without
generating address bindings for the auth_context.
More information about the krb5-bugs
mailing list