From: | Bean Zhang <bean.zhang@centrify.com> |
To: | "krb5-bugs@mit.edu" <krb5-bugs@mit.edu> |
Subject: | Directly dereference the pointer svalue which may be NULL in kadm5_get_config_params() |
Date: | Thu, 9 Aug 2018 06:31:29 +0000 |
Hi Team,
In kadm5_get_config_params() of krb5-1.16.1/src/lib/kadm5/alt_prof.c,
After calling strdup() to assign pointer svalue,
we directly dereference it without checking if it is valid.
We should add pointer validity checking for svalue after assigning.
Could someone help to take a look?
Thanks,
Bean