Content-Type: text/html; charset="gb2312" Content-Transfer-Encoding: quoted-printable X-RT-Original-Encoding: gb2312 Content-Length: 743
Hi Team,

In kadm5_get_config_params() of krb5-1.16.1/src/lib/kadm5/alt_prof.c,
After calling strdup() to assign pointer svalue,
we directly dereference it without checking if it is valid.

We should add pointer validity checking for svalue after assigning.

Could someone help to take a look?