From: | ghudson@mit.edu |
Subject: | git commit |
Fix invalid JSON handling in KDC OTP module
If the OTP configuration for a principal contains invalid JSON, the
KDC OTP module calls k5_json_get_tid on a null pointer, causing the
KDC process to crash. Fix this bug by checking the return value of
k5_json_decode in decode_config_json.
https://github.com/krb5/krb5/commit/dab1c234e15afdc64dfe776bdbc65bbc17d07e12
Author: Greg Hudson <ghudson@mit.edu>
Commit: dab1c234e15afdc64dfe776bdbc65bbc17d07e12
Branch: master
src/plugins/preauth/otp/otp_state.c | 2 ++
1 files changed, 2 insertions(+), 0 deletions(-)