On 07/03/2015 12:43 PM, Daniel Deptuła wrote:
> - for (princptr = princs; *princptr != NULL; princptr++)
> - TRACE_PKINIT_CLIENT_SAN_KDCCERT_PRINC(context, *princptr);
> + if (princs != NULL) {
> + for (princptr = princs; *princptr != NULL; princptr++)
> + TRACE_PKINIT_CLIENT_SAN_KDCCERT_PRINC(context, *princptr);
> + }
This is correct in spirit; other parts of the function allow for princs
to be NULL, and there are rare cases where the OpenSSL implementation
will return 0 with princs set to NULL. I filed in a pull request for a
similar fix. Thanks for the report.
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
