Hi krb5 maintainers, I think there is a bug in krb5_gss_get_name_attribute introduced in release 1.10 around lines 389-394 of src/lib/gssapi/krb5/naming_exts.c: if (display_value != NULL) { if (code != 0) code = data_to_gss(&kdisplay_value, display_value); else free(kdisplay_value.data); } I think the "if (code != 0)" test needs to be inverted, otherwise *display_value is never set when the function returns 0 for success. I found this when trying to figure out why Samba3's smbd was crapping out on me. It called gss_get_name_attribute with display_value pointing to an uninitialized gss_buffer_t variable on the stack and later passed a pointer to the same variable to gss_release_buffer() which caused glib's free() to abort the process because display_value->value was an uninitialized pointer. Best regards, Ian Abbott. -- -=( Ian Abbott @ MEV Ltd. E-mail: )=- -=( Tel: +44 (0)161 477 1898 FAX: +44 (0)161 718 3587 )=-