[krbdev.mit.edu #8726] Directly dereference the pointer certname which may be NULL in parse_fs_options()
Bean Zhang via RT
rt-comment at KRBDEV-PROD-APP-1.mit.edu
Fri Aug 10 10:57:21 EDT 2018
Hi Team,
In parse_fs_options() of krb5-1.16.1/src/plugins/preauth/pkinit/pkinit_identity.c,
after calling strtok_r() to assign the pointer certname,
we directly dereference it without checking if it is valid.
We should add a pointer validity check for certname after assigning it.
Could someone help to take a look?
Thanks,
Bean
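
The pattern reported above, as an added example that is not part of the original message and is not krb5 code: strtok_r() returns NULL when the input holds only delimiters, so its result must be checked before use. The helper name split_cert_key, the "certfile[,keyfile]" input shape, the key-defaults-to-cert fallback and the sample paths are assumptions made for illustration.

```c
#ifndef _POSIX_C_SOURCE
#define _POSIX_C_SOURCE 200809L   /* for strtok_r() and strdup() */
#endif
#include <errno.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical helper: split "certfile[,keyfile]" into heap-allocated
 * copies.  Returns 0 on success, EINVAL if no certificate token is
 * present, ENOMEM on allocation failure. */
int split_cert_key(const char *residual, char **cert_out, char **key_out)
{
    char *copy, *certname, *keyname, *save = NULL;
    int ret = ENOMEM;

    *cert_out = *key_out = NULL;
    if (residual == NULL || residual[0] == '\0')
        return EINVAL;

    copy = strdup(residual);
    if (copy == NULL)
        return ENOMEM;

    /* strtok_r() skips leading delimiters and returns NULL when nothing
     * else is left, e.g. for the constructed inputs "," or ",,". */
    certname = strtok_r(copy, ",", &save);
    if (certname == NULL) {
        ret = EINVAL;             /* reject instead of dereferencing NULL */
        goto cleanup;
    }

    /* Assumption of this example: a missing second token is allowed and
     * the key name falls back to the certificate name. */
    keyname = strtok_r(NULL, ",", &save);
    if (keyname == NULL)
        keyname = certname;

    *cert_out = strdup(certname);
    *key_out = strdup(keyname);
    if (*cert_out == NULL || *key_out == NULL) {
        free(*cert_out);
        free(*key_out);
        *cert_out = *key_out = NULL;
        goto cleanup;             /* ret is still ENOMEM */
    }
    ret = 0;

cleanup:
    free(copy);
    return ret;
}
```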