From 931f594cf16b8c7f9f416d7a8831432b783a0ec8 Mon Sep 17 00:00:00 2001
From: Andrew Tridgell <tridge@samba.org>
Date: Mon, 21 May 2007 12:47:18 +0000
Subject: r23036: error checking on asn1_init() failure (This used to be commit
 26cf8494084c0106ef0e1c9b6ef40eeadf945ef2)

---
 source4/auth/gensec/spnego_parse.c   | 11 ++++++++++-
 source4/auth/kerberos/gssapi_parse.c | 13 ++++++++++++-
 2 files changed, 22 insertions(+), 2 deletions(-)

(limited to 'source4/auth')

diff --git a/source4/auth/gensec/spnego_parse.c b/source4/auth/gensec/spnego_parse.c
index c768d1e847..5382402206 100644
--- a/source4/auth/gensec/spnego_parse.c
+++ b/source4/auth/gensec/spnego_parse.c
@@ -265,7 +265,7 @@ static BOOL write_negTokenTarg(struct asn1_data *asn1, struct spnego_negTokenTar
 
 ssize_t spnego_read_data(TALLOC_CTX *mem_ctx, DATA_BLOB data, struct spnego_data *token)
 {
-	struct asn1_data *asn1 = asn1_init(mem_ctx);
+	struct asn1_data *asn1;
 	ssize_t ret = -1;
 	uint8_t context;
 
@@ -275,6 +275,11 @@ ssize_t spnego_read_data(TALLOC_CTX *mem_ctx, DATA_BLOB data, struct spnego_data
 		return ret;
 	}
 
+	asn1 = asn1_init(mem_ctx);
+	if (asn1 == NULL) {
+		return -1;
+	}
+
 	asn1_load(asn1, data);
 
 	if (!asn1_peek_uint8(asn1, &context)) {
@@ -311,6 +316,10 @@ ssize_t spnego_write_data(TALLOC_CTX *mem_ctx, DATA_BLOB *blob, struct spnego_da
 	struct asn1_data *asn1 = asn1_init(mem_ctx);
 	ssize_t ret = -1;
 
+	if (asn1 == NULL) {
+		return -1;
+	}
+
 	switch (spnego->type) {
 	case SPNEGO_NEG_TOKEN_INIT:
 		asn1_push_tag(asn1, ASN1_APPLICATION(0));
diff --git a/source4/auth/kerberos/gssapi_parse.c b/source4/auth/kerberos/gssapi_parse.c
index 86a9e9554a..de6fa31afb 100644
--- a/source4/auth/kerberos/gssapi_parse.c
+++ b/source4/auth/kerberos/gssapi_parse.c
@@ -31,13 +31,18 @@
 */
 DATA_BLOB gensec_gssapi_gen_krb5_wrap(TALLOC_CTX *mem_ctx, const DATA_BLOB *ticket, const uint8_t tok_id[2])
 {
-	struct asn1_data *data = asn1_init(mem_ctx);
+	struct asn1_data *data;
 	DATA_BLOB ret;
 
 	if (!data || !ticket->data) {
 		return data_blob(NULL,0);
 	}
 
+	data = asn1_init(mem_ctx);
+	if (data == NULL) {
+		return data_blob(NULL,0);
+	}
+
 	asn1_push_tag(data, ASN1_APPLICATION(0));
 	asn1_write_OID(data, GENSEC_OID_KERBEROS5);
 
@@ -66,6 +71,10 @@ BOOL gensec_gssapi_parse_krb5_wrap(TALLOC_CTX *mem_ctx, const DATA_BLOB *blob, D
 	struct asn1_data *data = asn1_init(mem_ctx);
 	int data_remaining;
 
+	if (!data) {
+		return False;
+	}
+
 	asn1_load(data, *blob);
 	asn1_start_tag(data, ASN1_APPLICATION(0));
 	asn1_check_OID(data, GENSEC_OID_KERBEROS5);
@@ -99,6 +108,8 @@ BOOL gensec_gssapi_check_oid(const DATA_BLOB *blob, const char *oid)
 	BOOL ret;
 	struct asn1_data *data = asn1_init(NULL);
 
+	if (!data) return False;
+
 	asn1_load(data, *blob);
 	asn1_start_tag(data, ASN1_APPLICATION(0));
 	asn1_check_OID(data, oid);
-- 
cgit