Fix krb5_def_fetch_mkey_list() segfault

Return KRB5_KDB_NOMASTERKEY if K/M contains no key data, instead of blindly dereferencing the first key data element. ticket: 8395 (new) target_version: 1.14-next target_version: 1.13-next tags: pullup
krb5 · Apr 22, 2016 · 8349460 · 8349460
1 parent ab822c5
commit 8349460
Showing 1 changed file with 5 additions and 0 deletions.
diff --git a/src/lib/kdb/kdb_default.c b/src/lib/kdb/kdb_default.c
@@ -445,6 +445,11 @@ krb5_def_fetch_mkey_list(krb5_context        context,
     if (retval)
         return (retval);
 
+    if (master_entry->n_key_data == 0) {
+        retval = KRB5_KDB_NOMASTERKEY;
+        goto clean_n_exit;
+    }
+
     /*
      * Check if the input mkey is the latest key and if it isn't then find the
      * latest mkey.