Content-Type: text/plain Content-Disposition: inline Content-Transfer-Encoding: binary X-RT-Original-Encoding: iso-8859-1 Content-Length: 485 glibc's getpwnam_r returns success even if the user wasn't found, but the result pointer is set to NULL. The Kerberos source assumes that k5_getpwnam_r will fail if the user wasn't found and dereferences OUT without any further checks. Use a technique similar to the other cases and change the status to -1 if OUT is NULL. A better approach may be to change the source to not assume success means that OUT is non-NULL, since that appears to be all POSIX guarantees. But this works.