libheimdal-kadm5-perl (0.08-5) UNRELEASED; urgency=medium
+ * Guard against a NULL mod_name in getModName and return undef. Thanks,
+ Sergio Gelato. (Closes: #670517)
* Convert to a proper 3.0 (quilt) package with managed patches.
* Contribute the package to the Debian Perl Group.
- Change Maintainer to the group.
--- /dev/null
+Description: Guard against NULL pointer dereference in krb5_unparse_name
+Author: Sergio Gelato <Sergio.Gelato@astro.su.se>
+
+--- a/Kadm5.xs
++++ b/Kadm5.xs
+@@ -737,14 +737,19 @@
+ char *p;
+ krb5_error_code ret;
+
+- ret = krb5_unparse_name(spp->handle->context,spp->principal.mod_name,&p);
+- if (ret)
++ if (spp->principal.mod_name)
++ {
++ ret = krb5_unparse_name(spp->handle->context,spp->principal.mod_name,&p);
++ if (ret)
+ {
+ safefree(p);
+ croak("[Heimdal::Kadm5] krb5_unparse_name failed: %s\n",
+ krb5_get_err_text(spp->handle->context, ret));
+ }
+- RETVAL = newSVpv(p,0);
++ RETVAL = newSVpv(p,0);
++ }
++ else
++ RETVAL = &PL_sv_undef;
+ }
+ OUTPUT:
+ RETVAL