[Freeipa-devel] [PATCH 0025] Add support to ipa-kdb for keyless principals
Alexander Bokovoy
abokovoy at redhat.com
Wed Feb 19 13:24:59 UTC 2014
On Wed, 19 Feb 2014, Simo Sorce wrote:
>On Tue, 2013-11-12 at 10:59 -0500, Nathaniel McCallum wrote:
>> diff --git a/util/ipa_krb5.c b/util/ipa_krb5.c
>> index
>> 934fd27d80cdd846f4de631b2dd587b0ad0f325c..cc84f9920a7b105c92dddd6cb765b435c0fbdfac 100644
>> --- a/util/ipa_krb5.c
>> +++ b/util/ipa_krb5.c
>> @@ -296,6 +296,9 @@ void ipa_krb5_free_key_data(krb5_key_data *keys,
>> int num_keys)
>> {
>> int i;
>>
>> + if (keys == NULL)
>> + return;
>> +
>> for (i = 0; i < num_keys; i++) {
>> /* try to wipe key from memory,
>> * hopefully the compiler will not optimize it away */
>> --
>
>This part is useless and can be dropped.
If ever num_key is not 0 and yet keys == NULL, we'll get crash in the
line
if (keys[i].key_data_length[0]) {
because there are no checks at all before that.
--
/ Alexander Bokovoy
More information about the Freeipa-devel
mailing list