krb5: Fix null dereference in SPNEGO token processing
krb5 1.22.1 erroneously removed a check from get_negTokenResp() for successful decoding of the mechListMIC field. Restore the check to prevent a null pointer dereference. Commit message details obtained from upstream commit. Obtained from: Upstream commit 4ae75cded MFC after: 3 days
This commit is contained in:
@@ -3517,6 +3517,8 @@ get_negTokenResp(OM_uint32 *minor_status, struct k5input *in,
|
||||
|
||||
if (k5_der_get_value(&seq, CONTEXT | 0x03, &field)) {
|
||||
*mechListMIC = get_octet_string(&field);
|
||||
if (*mechListMIC == GSS_C_NO_BUFFER)
|
||||
return GSS_S_DEFECTIVE_TOKEN;
|
||||
|
||||
/* Handle Windows 2000 duplicate response token */
|
||||
if (*responseToken &&
|
||||
|
||||
Reference in New Issue
Block a user