sssd/0014-KRB5-Avoid-NULL-dereference-with-empty-keytab.patch

From 0549c49a94c24672657748303fff1d33128c1c74 Mon Sep 17 00:00:00 2001
From: Stephen Gallagher <sgallagh@redhat.com>
Date: Mon, 21 May 2012 20:36:44 -0400
Subject: [PATCH 14/19] KRB5: Avoid NULL-dereference with empty keytab

https://fedorahosted.org/sssd/ticket/1330
---
 src/util/sss_krb5.c |   20 +++++++++++++-------
 1 file changed, 13 insertions(+), 7 deletions(-)

diff --git a/src/util/sss_krb5.c b/src/util/sss_krb5.c
index 988531995aba7fd7a2a1d801fabde19fa537e26b..81a1623ef9df340d7618bdf55c1707ce4cfb1a6a 100644
--- a/src/util/sss_krb5.c
+++ b/src/util/sss_krb5.c
@@ -1104,14 +1104,20 @@ sss_krb5_read_etypes_for_keytab(TALLOC_CTX *mem_ctx,
     }
 
     if (ret == 0) {
-        /* Sort the preferred enctypes first */
-        qsort(etypes, count, sizeof(*etypes), compare_etypes);
-        etypes = talloc_realloc(tmp_ctx, etypes, krb5_enctype, count);
-        if (etypes == NULL) {
-            ret = ENOMEM;
+        if (etypes) {
+            /* Sort the preferred enctypes first */
+            qsort(etypes, count, sizeof(*etypes), compare_etypes);
+            etypes = talloc_realloc(tmp_ctx, etypes, krb5_enctype, count);
+            if (etypes == NULL) {
+                ret = ENOMEM;
+            } else {
+                *etype_list = talloc_steal(mem_ctx, etypes);
+                *n_etype_list = count;
+            }
         } else {
-            *etype_list = talloc_steal(mem_ctx, etypes);
-            *n_etype_list = count;
+            /* The key table was empty. There are no enctypes to match */
+            *etype_list = NULL;
+            *n_etype_list = 0;
         }
     }
 
-- 
1.7.10.1