Avoid malloc(0) in SPNEGO get_input_token If we read a zero-length token in spnego_mech.c's get_input_token(), set the value pointer to NULL instead of calling malloc(0). https://github.com/krb5/krb5/commit/13fd26e1863c79f616653f6a10a58c01f65fceff Author: Greg Hudson Commit: 13fd26e1863c79f616653f6a10a58c01f65fceff Branch: master src/lib/gssapi/spnego/spnego_mech.c | 15 +++++++++------ 1 files changed, 9 insertions(+), 6 deletions(-)