Avoid malloc(0) in SPNEGO get_input_token If we read a zero-length token in spnego_mech.c's get_input_token(), set the value pointer to NULL instead of calling malloc(0). (cherry picked from commit 13fd26e1863c79f616653f6a10a58c01f65fceff) https://github.com/krb5/krb5/commit/091a9614049ace17fd89352c2d7e42ff210991ed Author: Greg Hudson Committer: Tom Yu Commit: 091a9614049ace17fd89352c2d7e42ff210991ed Branch: krb5-1.12 src/lib/gssapi/spnego/spnego_mech.c | 15 +++++++++------ 1 files changed, 9 insertions(+), 6 deletions(-)