Content-Type: text/plain
Content-Disposition: inline
Content-Transfer-Encoding: binary
MIME-Version: 1.0
X-Mailer: MIME-tools 5.427 (Entity 5.427)
From: ghudson@mit.edu
Subject: git commit
X-RT-Original-Encoding: iso-8859-1
Content-Length: 565


Fix invalid JSON handling in KDC OTP module

If the OTP configuration for a principal contains invalid JSON, the
KDC OTP module calls k5_json_get_tid on a null pointer, causing the
KDC process to crash.  Fix this bug by checking the return value of
k5_json_decode in decode_config_json.

https://github.com/krb5/krb5/commit/dab1c234e15afdc64dfe776bdbc65bbc17d07e12
Author: Greg Hudson <ghudson@mit.edu>
Commit: dab1c234e15afdc64dfe776bdbc65bbc17d07e12
Branch: master
 src/plugins/preauth/otp/otp_state.c |    2 ++
 1 files changed, 2 insertions(+), 0 deletions(-)