From 0362fde476733bacfd7aa2d5eba24597a7f4fd56 Mon Sep 17 00:00:00 2001
From: Jeremy Allison <jra@samba.org>
Date: Tue, 29 Aug 2006 00:53:28 +0000
Subject: r17899: Fix Stanford checker bug - possible null deref. Jeremy. (This
 used to be commit e77949175144cbe4cfa58788d13acc704eebc251)

---
 source3/libads/sasl.c | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

(limited to 'source3/libads')

diff --git a/source3/libads/sasl.c b/source3/libads/sasl.c
index 3c0bea93d6..b2613071b7 100644
--- a/source3/libads/sasl.c
+++ b/source3/libads/sasl.c
@@ -276,7 +276,7 @@ static ADS_STATUS ads_sasl_gssapi_bind(ADS_STRUCT *ads)
 	int i=0;
 	int gss_rc, rc;
 	uint8 *p;
-	uint32 max_msg_size;
+	uint32 max_msg_size = 0;
 	char *sname;
 	ADS_STATUS status;
 	krb5_principal principal;
@@ -389,7 +389,10 @@ static ADS_STATUS ads_sasl_gssapi_bind(ADS_STRUCT *ads)
 #if 0
 	file_save("sasl_gssapi.dat", output_token.value, output_token.length);
 #endif
-	max_msg_size = (p[1]<<16) | (p[2]<<8) | p[3];
+
+	if (p) {
+		max_msg_size = (p[1]<<16) | (p[2]<<8) | p[3];
+	}
 
 	gss_release_buffer(&minor_status, &output_token);
 
-- 
cgit