krb5 commit [krb5-1.13]: Fix krb5_def_fetch_mkey_list() segfault

Wed Jul 6 14:46:04 EDT 2016

https://github.com/krb5/krb5/commit/d70597bc1cdd8bd22299b61ac17b9d684c626b8f
commit d70597bc1cdd8bd22299b61ac17b9d684c626b8f
Author: Matt Rogers <mrogers at redhat.com>
Date:   Fri Apr 15 17:27:36 2016 -0400

    Fix krb5_def_fetch_mkey_list() segfault
    
    Return KRB5_KDB_NOMASTERKEY if K/M contains no key data, instead of
    blindly dereferencing the first key data element.
    
    (cherry picked from commit 83494605b2dd594ab33f9b3cfa5abc82cf0f9e92)
    
    ticket: 8395
    version_fixed: 1.13.6

 src/lib/kdb/kdb_default.c |    5 +++++
 1 files changed, 5 insertions(+), 0 deletions(-)

diff --git a/src/lib/kdb/kdb_default.c b/src/lib/kdb/kdb_default.c
index 31b3e69..9301f1d 100644
--- a/src/lib/kdb/kdb_default.c
+++ b/src/lib/kdb/kdb_default.c
@@ -449,6 +449,11 @@ krb5_def_fetch_mkey_list(krb5_context        context,
     if (retval)
         return (retval);
 
+    if (master_entry->n_key_data == 0) {
+        retval = KRB5_KDB_NOMASTERKEY;
+        goto clean_n_exit;
+    }
+
     /*
      * Check if the input mkey is the latest key and if it isn't then find the
      * latest mkey.
