krb5 commit [krb5-1.10]: Avoid malloc(0) in SPNEGO get_input_token

[Tom Yu]

https://github.com/krb5/krb5/commit/c9eaac15a27a61df98b063d0a8432422a9b96f24
commit c9eaac15a27a61df98b063d0a8432422a9b96f24
Author: Greg Hudson <ghudson at mit.edu>
Date:   Fri Dec 6 18:56:56 2013 -0500

    Avoid malloc(0) in SPNEGO get_input_token
    
    If we read a zero-length token in spnego_mech.c's get_input_token(),
    set the value pointer to NULL instead of calling malloc(0).
    
    (cherry picked from commit 13fd26e1863c79f616653f6a10a58c01f65fceff)
    
    ticket: 7841 (new)
    version_fixed: 1.10.8
    status: resolved

 src/lib/gssapi/spnego/spnego_mech.c |   15 +++++++++------
 1 files changed, 9 insertions(+), 6 deletions(-)

diff --git a/src/lib/gssapi/spnego/spnego_mech.c b/src/lib/gssapi/spnego/spnego_mech.c
index f916e49..fe93140 100644
--- a/src/lib/gssapi/spnego/spnego_mech.c
+++ b/src/lib/gssapi/spnego/spnego_mech.c
@@ -3071,14 +3071,17 @@ get_input_token(unsigned char **buff_in, unsigned int buff_length)
 		return (NULL);
 
 	input_token->length = len;
-	input_token->value = gssalloc_malloc(input_token->length);
+	if (input_token->length > 0) {
+		input_token->value = gssalloc_malloc(input_token->length);
+		if (input_token->value == NULL) {
+			free(input_token);
+			return (NULL);
+		}
 
-	if (input_token->value == NULL) {
-		free(input_token);
-		return (NULL);
+		memcpy(input_token->value, *buff_in, input_token->length);
+	} else {
+		input_token->value = NULL;
 	}
-
-	(void) memcpy(input_token->value, *buff_in, input_token->length);
 	*buff_in += input_token->length;
 	return (input_token);
 }