krb5 commit: Fix krb5_def_fetch_mkey_list() segfault

Fri Apr 22 15:00:37 EDT 2016

https://github.com/krb5/krb5/commit/83494605b2dd594ab33f9b3cfa5abc82cf0f9e92
commit 83494605b2dd594ab33f9b3cfa5abc82cf0f9e92
Author: Matt Rogers <mrogers at redhat.com>
Date:   Fri Apr 15 17:27:36 2016 -0400

    Fix krb5_def_fetch_mkey_list() segfault
    
    Return KRB5_KDB_NOMASTERKEY if K/M contains no key data, instead of
    blindly dereferencing the first key data element.
    
    ticket: 8395 (new)
    target_version: 1.14-next
    target_version: 1.13-next
    tags: pullup

 src/lib/kdb/kdb_default.c |    5 +++++
 1 files changed, 5 insertions(+), 0 deletions(-)

diff --git a/src/lib/kdb/kdb_default.c b/src/lib/kdb/kdb_default.c
index 416f7d7..ebda9d6 100644
--- a/src/lib/kdb/kdb_default.c
+++ b/src/lib/kdb/kdb_default.c
@@ -445,6 +445,11 @@ krb5_def_fetch_mkey_list(krb5_context        context,
     if (retval)
         return (retval);
 
+    if (master_entry->n_key_data == 0) {
+        retval = KRB5_KDB_NOMASTERKEY;
+        goto clean_n_exit;
+    }
+
     /*
      * Check if the input mkey is the latest key and if it isn't then find the
      * latest mkey.
