s4:auth: Check that the PAC is not NULL before dereferencing it

author Joseph Sutton <josephsutton@catalyst.net.nz>

Mon, 30 Oct 2023 02:09:28 +0000 (15:09 +1300)

committer Andrew Bartlett <abartlet@samba.org>

Wed, 1 Nov 2023 20:10:45 +0000 (20:10 +0000)
author Joseph Sutton <josephsutton@catalyst.net.nz>
Mon, 30 Oct 2023 02:09:28 +0000 (15:09 +1300)
committer Andrew Bartlett <abartlet@samba.org>
Wed, 1 Nov 2023 20:10:45 +0000 (20:10 +0000)
diff --git a/source4/auth/kerberos/kerberos_pac.c b/source4/auth/kerberos/kerberos_pac.c

index 4f291d81064193320f2467cea1ca3c6e14737cd3..c33dc2f9217d61b0c9db63d4c0b27d5309f78704 100644 (file)
--- a/source4/auth/kerberos/kerberos_pac.c
+++ b/source4/auth/kerberos/kerberos_pac.c
@@ -337,6 +337,11 @@ krb5_error_code kerberos_pac_to_user_info_dc(TALLOC_CTX *mem_ctx,
                 return ENOMEM;
         }
  
+       if (pac == NULL) {
+               talloc_free(tmp_ctx);
+               return EINVAL;
+       }
+
         ret = krb5_pac_get_buffer(context, pac, PAC_TYPE_LOGON_INFO, &k5pac_logon_info_in);
         if (ret != 0) {
                 talloc_free(tmp_ctx);
author	Joseph Sutton <josephsutton@catalyst.net.nz>
	Mon, 30 Oct 2023 02:09:28 +0000 (15:09 +1300)
committer	Andrew Bartlett <abartlet@samba.org>
	Wed, 1 Nov 2023 20:10:45 +0000 (20:10 +0000)