Where does the actual seg fault happen? krb5_authdata_size and krb5_authdata_externalize both appear able to handle null arguments without seg faulting.