Bug in pkinit_clnt.c?
Greg Hudson
ghudson at mit.edu
Fri Jul 3 23:05:17 EDT 2015
On 07/03/2015 12:43 PM, Daniel Deptuła wrote:
> - for (princptr = princs; *princptr != NULL; princptr++)
> - TRACE_PKINIT_CLIENT_SAN_KDCCERT_PRINC(context, *princptr);
> + if (princs != NULL) {
> + for (princptr = princs; *princptr != NULL; princptr++)
> + TRACE_PKINIT_CLIENT_SAN_KDCCERT_PRINC(context, *princptr);
> + }
This is correct in spirit; other parts of the function allow for princs
to be NULL, and there are rare cases where the OpenSSL implementation
will return 0 with princs set to NULL. I filed in a pull request for a
similar fix. Thanks for the report.
More information about the Kerberos
mailing list