krb5 commit: Fix apply_keysalt_policy bug
Greg Hudson
ghudson at MIT.EDU
Wed Aug 15 15:33:56 EDT 2012
https://github.com/krb5/krb5/commit/b52d0c793c82e9c74f03b1d2a5d251a1adc4626f
commit b52d0c793c82e9c74f03b1d2a5d251a1adc4626f
Author: Greg Hudson <ghudson at mit.edu>
Date: Wed Aug 15 15:12:12 2012 -0400
Fix apply_keysalt_policy bug
If apply_keysalt_policy is called with null result arguments (as from
kadm5_setkey_principal_3), we would dereference a null pointer if the
principal has no policy or no policy allowed_keysalts field, due to an
incorrect optimization. Reported by Nico.
ticket: 7223
src/lib/kadm5/srv/svr_principal.c | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/src/lib/kadm5/srv/svr_principal.c b/src/lib/kadm5/srv/svr_principal.c
index f405f55..5d85827 100644
--- a/src/lib/kadm5/srv/svr_principal.c
+++ b/src/lib/kadm5/srv/svr_principal.c
@@ -224,7 +224,7 @@ apply_keysalt_policy(kadm5_server_handle_t handle, const char *policy,
goto cleanup;
}
- if (polent.allowed_keysalts == NULL && new_n_kstp != NULL) {
+ if (polent.allowed_keysalts == NULL) {
/* Requested keysalts allowed or default to supported_enctypes. */
if (n_ks_tuple == 0) {
/* Default to supported_enctypes. */
More information about the cvs-krb5
mailing list