[krbdev.mit.edu #8726] Directly dereference the pointer certname which may be NULL in parse_fs_options()

Greg Hudson via RT-2
Hi Team,

In parse_fs_options() of krb5-1.16.1/src/plugins/preauth/pkinit/pkinit_identity.c,
after calling strtok_r() to assign the pointer certname,
we directly dereference it without checking if it is valid.

We should add pointer validity checking for certname after assigning.

Could someone help to take a look?

Thanks,
Bean

_______________________________________________
krb5-bugs mailing list
[hidden email]
https://mailman.mit.edu/mailman/listinfo/krb5-bugs
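
The check requested in the report, as an added example; it is not code from the krb5 source tree or from the message above. The helper name split_cert_key(), its return codes, and the fallback to the certificate name when no key name is given are assumptions made for illustration.

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical helper: split "certfile[,keyfile]" into two heap strings.
 * Returns 0 on success, EINVAL if no certificate name is present,
 * ENOMEM on allocation failure. On failure both outputs are NULL. */
int split_cert_key(const char *residual, char **cert_out, char **key_out)
{
    char *copy = NULL, *certname, *keyname, *save = NULL;
    char *cert = NULL, *key = NULL;
    int ret = ENOMEM;

    *cert_out = *key_out = NULL;
    if (residual == NULL || residual[0] == '\0')
        return EINVAL;

    /* Keep the strdup() result in its own variable so it can be freed. */
    copy = strdup(residual);
    if (copy == NULL)
        goto cleanup;

    /* strtok_r() returns NULL when the input holds only delimiters
     * (for example ","), so the first token must be checked. */
    certname = strtok_r(copy, ",", &save);
    if (certname == NULL) {
        ret = EINVAL;
        goto cleanup;
    }
    keyname = strtok_r(NULL, ",", &save);   /* NULL when no key is given */

    cert = strdup(certname);
    if (cert == NULL)
        goto cleanup;
    /* Assumption for this example: reuse the cert name as the key name. */
    key = strdup(keyname != NULL ? keyname : certname);
    if (key == NULL)
        goto cleanup;

    *cert_out = cert;
    *key_out = key;
    cert = key = NULL;
    ret = 0;

cleanup:
    free(cert);
    free(key);
    free(copy);
    return ret;
}
```

A non-empty string made up only of commas is the input that leaves certname NULL; the helper rejects it with EINVAL instead of passing NULL to strdup().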