krb5: Fix reachable assert when importing krb5 names

If a name token contains trailing garbage, error out from
krb5_gss_import_name() instead of crashing the process with an
assertion failure.

Commit message details obtained from upstream commit.
Obtained from:	upstream commit 07818f1fd
Reported by:	Aisle Research (Ze Sheng, Dmitrijs Trizna,
		Luigino Camastra, Guido Vranken) to krb5-bugs
MFC after:	3 days
This commit is contained in:
Cy Schubert
2026-06-02 11:09:43 -07:00
parent efb5c07f91
commit fce16f60de
@@ -297,7 +297,8 @@ import_name(OM_uint32 *minor_status, gss_buffer_t input_name_buffer,
goto fail_name;
cp += length;
}
assert(cp == end);
if (cp != end)
goto fail_name;
} else {
status = GSS_S_BAD_NAMETYPE;
goto cleanup;