Content-Type: text/html; charset="us-ascii" Content-Transfer-Encoding: quoted-printable X-RT-Original-Encoding: iso-8859-1 Content-Length: 2372

In src/lib/gssapi/krb5/s4u_gss_glue.c, krb5_gss_acquire_cred_impersonate_name doesn’t initialize cred.  If kg_impersonate_name returns an error it doesn’t set cred either so when *output_cred_handle is set to cred it’s set to unitialized memory.  The result is that gss_add_cred_impersonate_name in src/lib/gssapi/mechglue/g_acquire_cred_imp_name.c will then call mech->gss_release_cred on a bad cred pointer in its errout section.